FBI warns about risks of using unsafe DeFi platforms

Cybercriminals are exploiting vulnerabilities in smart contracts, crypto bridges and initiating flash loans to target users on DeFi platforms.
September 01, 2022 - Cynthia Chung

The Federal Bureau of Investigation (FBI)  issued a global warning about planned attacks against decentralized finance (DeFi) platforms. 


In Q1 2022, hackers stole US$ 1.9 billion worth of digital assets , 97% of which was through DeFi platforms. This marks an increase from 72% in 2021 and 30% in 2020.


‘Between January and March 2022, cyber criminals stole $1.3 billion in cryptocurrencies, almost 97 percent of which was stolen from DeFi platforms,’ the agency claims, citing an April 2022 report by blockchain analysis firm Chainalysis.


Cybercriminals are exploiting vulnerabilities in the smart contracts to launch attacks, ‘using an investment strategy or self-executing contracts with “an agreement between the buyer and seller written directly into lines of code that exist across a distributed decentralized blockchain network’, according to the agency. 


They are also initiating flash loans to trigger exploits. In the case of the November 2021 attack on the Ethereum DeFi project, which saw scammers run off with US$ 55 million worth of digital assets.

Exploiting a vulnerability in Nomad token bridge earlier this month is also mentioned.

The FBI recommends that users do their due diligence on DeFi platforms, and protocols before investing. In addition, to make sure the DeFi platform you’re investing in has been subject to independent audit and has been around for some time. 


Furthermore, investors should also be wary of DeFi investment pools with limited timeframes to join, and rapid deployment of smart contracts.

In the meantime, DeFi platforms should start instituting real-time analysis, monitoring and testing. They should also have a plan for dealing with exploits and warning investors. 


Photo: Getty


China activists uses NFTs and IPFS storage to bypass censorship

Dec 01, 2022

Singaporean Development Council to distribute NFTs for charity

Oct 14, 2022

SEC probes Yuga Labs for unregistered securities sale

Oct 13, 2022

Yuga Labs inaugurates the Bored Ape Yacht Club Council

Oct 07, 2022