Hackers and scammers have shifted from breaching centralizing entities to exploiting decentralized projects, according to a new report.
More than $14.5 billion in crypto has been lost to hacks and scams since 2011, and DeFi (decentralized finance) is attackers’ new favorite target, says analytics firm Crystal Blockchain.
In the past 11 years, there have been 167 hacks of DeFi protocols and 123 security breaches on centralized exchanges, according to Crystal’s new report. While breaching centralized platforms accounted for over $3.2 billion in crypto stolen, more than $4 billion was funneled out of exploited DeFi projects. The remaining billions were lost to scammers.
Since 2021, hackers’ attention has shifted notably toward decentralized protocols. This year, decentralized projects have been hacked 20 times more often than centralized ones, the report says, and funds stolen from the top 10 DeFi attacks exceeded $2.5 billion.
The main reason for the acceleration of attacks on DeFi projects is the sector’s growth, Nick Smart, Crystal’s director of blockchain intelligence and data, told CoinDesk. While projects are rushing to market with insufficient testing, centralized exchanges are improving their security, he said, bowing to user demand and heightened attention from regulators.
“There is a saying that nothing is unhackable – all you need is enough time, talent and creativity and you’ll get there,” Smart said. “And some illegal hacking groups, like nation-state backed ones such as North Korea’s Lazarus, are very effective and very focused on exploiting such opportunities.”