Attention FAE Customers:
Please be aware that NASBA credits are awarded based on whether the events are webcast or in-person, as well as on the number of CPE credits.
Please check the event registration page to see if NASBA credits are being awarded for the programs you select.

Want to save this page for later?

NextGen Magazine

 
 

Hacks Plague Decentralized Finance

By:
S.J. Steinhardt
Published Date:
Sep 29, 2022

Cryptocurrency-digital-assets

Vulnerabilities in decentralized finance (DeFi) have led to hackers absconding with more that $2.2 billion in digital currency so far this year, The New York Times reported.

The Times highlighted some of the lingering problems with the aspirational move away from so-called “TadFi,” what DeFi enthusiasts call traditional finance. TradFi includes banks, stock exchanges and other regulated financial services, which DeFi replaces with software.

One of the problems is that some of this software is built on faulty code. That enables hackers to penetrate the systems.

Such was the case with Beanstalk, which offered a stablecoin, a type of cryptocurrency with a fixed value of $1. Started by three University of Chicago classmates, Beanstalk attracted crypto speculators before collapsing in April, when a hacker exploited a flaw in its design to steal more than $180 million from users.

These flaws stem from the software being open source, which enables hackers to use a publicly viewable map of the software, in order to plan attacks on the digital infrastructure itself, instead of getting in through a user's account, according to the Times.

The Times reported that while hackers have menaced the crypto industry for several years, the quick proliferation of DeFi start-ups has presented them with a newer target.

Such start-ups are loosely regulated, allowing people to conduct financial transactions such as loans without revealing their identities or undergoing a credit check.

The overall industry is on a pace for its worst year of hacking losses, according to the Times, using the $2.2 billion figure provided by crypto tracking firm Chainalysis. In response, DeFi startups are hiring cybersecurity firms and auditors to examine their codes for hacks, bugs and other weaknesses that can be planted and exploited by savvy individuals or rogue states.

“This year was a good year for attackers,” Goncalo Sa, a founder of ConsenSys Diligence, which conducts code audits, told the Times.

The industry is experiencing growing pains, as hackers find more ways to infiltrate and steal. One weakness is due to what is called a cross-chain bridge, which allows investors to switch back and forth between digital currencies built on separate blockchains, Bloomberg has reported.

A total of 10 hacks this year have involved bridges, leading to losses of $1.3 billion, according to Chainalysis.

One crypto entrepreneur remains both philosophical and optimistic.

“We’re all figuring this out together,” Beanstalk co-founder Ben Weintraub told the Times.

In June, the project announced plans to restart.