The US Federal Bureau of Investigation (FBI) is warning investors in decentralised finance (DeFi) platforms to be cautious, since these platforms have been the target of $1.26 billion worth of exploits this year alone.
In a public service announcement posted on the FBI’s Internet Crime Complaint Center on Tuesday, the FBI warned investors to thoroughly study DeFi platforms before using them. The agency also urged platforms to strengthen monitoring and carry out rigorous code testing.
The FBI pinpointed smart contracts as the source of exploitation by cybercriminals to steal cryptocurrencies. With the increased interest of investors in cryptocurrencies, complexities in cross-chain functionality, and the open-source nature of DeFi platforms, cybercriminals can easily find and take advantage of vulnerabilities in these contracts.
The observation was backed by data provided by US blockchain analysis firm Chainalysis. The amount of cryptocurrencies stolen from DeFi platforms has increased by 72 percent from 2021 and 30 percent from 2020, respectively. Between January and March 2022, cybercriminals stole $1.3 billion in cryptocurrencies, and almost 97 percent of that was stolen from DeFi platforms.
Investors who suspect cybercriminals have stolen their DeFi investments are encouraged to contact the FBI via the Internet Crime Complaint Center or their local FBI field office.
Other than making an investment decision based on their financial objectives and resources, the FBI recommends investors do the following things:
- Research DeFi platforms, protocols, and smart contracts before investing, and be aware of the specific risks involved in DeFi investments.
- Ensure the DeFi investment platform has conducted one or more code audits performed by independent auditors.
- Be alert to DeFi investment pools with extremely limited timeframes to join and rapid deployment of smart contracts, especially without the recommended code audit.
- Be aware of the potential risk posed by crowdsourced solutions to vulnerability identification and patching.
DeFi platforms are also encouraged to take a more proactive role in protecting themselves and investors.
DeFi platforms should institute real-time analytics, monitoring, and rigorous testing of code to identify vulnerabilities and respond to indicators of suspicious activity more quickly.
They should also develop and implement an incident response plan that includes alerting investors when smart contract exploitation, vulnerabilities, or other suspicious activity is detected.
With the creation of the Virtual Asset Exploitation Unit earlier this year, the FBI has increased its efforts to combat crime in the digital asset sector, according to a statement made by U.S. Deputy Attorney General Lisa Monaco.
As part of a shift in emphasis toward disrupting global criminal networks rather than just their prosecution, the specialized team is focused on cryptocurrencies. It includes specialists to assist with blockchain analysis.