
Decentralised finance crimes define crypto hacks in 2021

By Admire Moyo, ITWeb's news editor.
Johannesburg, 18 Aug 2021

Decentralised finance (DeFi) crimes continue to define major crypto-currency hacks and fraud in 2021.

This is according to crypto intelligence firm CipherTrace, which has released its August 2021 Crypto-currency Crime and Anti-Money Laundering Report.

The report notes that by the end of July 2021, major crypto-currency thefts, hacks and fraud totalled $681 million.

“While this number continues to be dwarfed by previous years’ highs, a breakdown of the types of thefts and fraud confirms a trend observed at the beginning of last quarter: DeFi-related crimes continue to grow quarter-over-quarter, with Q2 2021 netting criminals new highs in DeFi-related proceeds.”

DeFi is a blockchain-based form of finance that does not rely on central financial intermediaries such as brokerages, exchanges, or banks to offer traditional financial instruments, and instead utilises smart contracts on blockchains, the most common being Ethereum.

The CipherTrace report comes after Poly Network, a global platform that looks to connect different blockchains so they can work together, had over $600 million (R8.7 billion) worth of crypto-currency stolen in a hack.

However, in a turn of events, the “white-hat hacker” who broke into the system has since returned most of the stolen funds.

Emerging pattern

According to CipherTrace, when breaking down crypto crimes by DeFi and non-DeFi-related, a clear pattern emerges.

It notes that by July 2021, DeFi-related hacks totalled $361 million, already making up three-quarters of the total hack volume this year – a 2.7x increase from 2020.

“DeFi-related fraud continues to rise, as well. At the time of this report, DeFi-related fraud accounted for 54% of major crypto fraud volume, whereas last year, DeFi-related fraud only made up 3% of the year’s total,” says the firm.

It adds that the end of Q2 2021 brought an additional $329 million in DeFi-related hacks and fraud. With the addition of $35.6 million from the first month of Q3, 2021’s year-to-date total is now over $471 million at the time of this report.

The firm points out that these DeFi crimes can generally be broken down into two categories – either a hack of a DeFi protocol by outside agents, or a rugpull conducted by insiders.

“A majority of the DeFi volume netted by criminals in 2021 appears to have been conducted by outside agents as DeFi-related hacks make up $361 million – 76% of all DeFi-related crime at the time of this report. The remaining 24% are rugpulls tallying over $113 million year-to-date.

“While DeFi-related hacks triple fraud by volume, a look at both by quarter shows consistent – nearly identical – growth from the year prior. Both hack and fraud volumes have increased 2.7 to 2.8 times their 2020 volume, as DeFi’s explosive growth over the last year continues to attract more than just new investors.”

According to CipherTrace, another common trend found in analysing DeFi hacks is the use of flash loans, which have been used in a majority of DeFi protocol attacks in the past year.

It explains that because flash loans require no collateral or ‘know your customer’, it is increasingly difficult to catch bad actors using them to fund their attacks.

However, it says the crux of the problem lies not in the platforms giving out the flash loans, but in the unaudited smart contracts the loans are sent to, which are later exploited.

Missing brothers

The report also refers to the Africrypt case in South Africa, which saw two Durban brothers shut down their crypto trading platform after what they claim was a hack, and apparently disappear.

Investors who invested millions of rands in the platform are still trying to piece together what went wrong.

CipherTrace says the brothers – Ameer and Raees Cajee – two South African natives and founders of Bitcoin-based company Africrypt, have gone missing, along with an alleged 69 000 Bitcoin (worth roughly $3.6 billion at the time of their disappearance).

CipherTrace says it has been unable to verify this total and believes the true amount taken to be an order of magnitude less.

“As such, we have not included Africrypt in our year-to-date total for crypto-currency scams,” it says.

It points out that issues first came to light when investors requested a law firm to investigate an alleged hack in April.

“After the investigation was complete, then-CEO Ameer Cajee instructed the investigating firm to keep the information gained from the authorities. Shortly after, Africrypt employees and developers lost access to the back-end of the platform.”
