Halborn Logo

// Blog

DeFi Hacks

Crypto Hacks: Why They Happen and Why Some May Be a Good Thing


Rob Behnke

September 8th, 2021

$45 million stolen in the Pancakebunny Protocol hack.

2804.96 ETH and 462,079,976 AMP tokens stolen as part of the CREAM Finance hack.

And in the biggest DeFi hack to date, The Poly Network suffered an exploit of over $600 million.

Headlines like these exemplify the growing trend of attacks on Decentralized Finance (DeFi) protocols and the damage they’ve done to various projects and their investors. On the surface, these attacks highlight the inherent weaknesses found in many DeFi protocols. However, beneath the surface, many in the crypto space believe these attacks will help with the long-term advancement of the DeFi space.

Everything from developers having to create new tech to better protect the sector, to compliance-based safeguards for investors, DeFi hacks force the sector to move forward and provide an increasingly secure user experience.  So in this article we’ll look at how this is taking shape.

How and Why DeFi Protocols Get Hacked

Cryptocurrency has a hacking problem, and DeFi is on the forefront of the issue. Of all crypto hacks in 2021, DeFi attacks accounted for over 75% of them, as noted in CipherTrace’s Cryptocurrency Crime Report. And even though crypto crime on a whole is down compared to last year, DeFi related attacks are up almost 300%. We’ve covered quite a number of these hacks on our blog, especially in our Explained series, but let’s take a look at how and why DeFi protocols typically get exploited.

Explosive Growth in the DeFi Sector

DeFi is still a relatively new sector and growth has exploded – as total value locked (TVL) went from less than $2 million in 2017 to well over $80 billion in 2021. This incredible growth undoubtedly included growing pains, and when a sector grows as fast as DeFi has, it’s no surprise that it also attracts a drove of hackers looking to exploit the inherent shortcomings of new technology.

Transparency and Anonymity 

Some of the hallmarks of the crypto space are that it is permissionless and anonymous. These are characteristics that have allowed crypto and DeFi projects to change the face of finance and provide a foundation that is rapidly changing how people do things. But on the other hand, these same advantages also serve as the perfect foundation for hackers to wreak havoc on DeFi projects and their investors. 

Hackers can usually do a few things quite easily to aid in any given exploit:

  1. Obtain a full copy of the blockchain and study its codebase
  2. Study the entire business model of the protocol including how it interacts with third-party applications and then look for any weaknesses
  3. Build their own model and test how the hack could be carried out in a real environment

This gives hackers time to perfect their attack before it even happens, and it’s one of the many reasons DeFi hacks have become so widespread. 

Flash Loan Attacks

A flash loan is a type of loan that happens on the blockchain with the use of smart contracts. These loans provide many advantages in finance that were not possible before blockchain technology, but with that comes a host of vulnerabilities that hackers exploit in the form of flash loan attacks.

One of the most infamous flash loan attacks occurred on the DeFi protocol bZx, and it perfectly illustrates how these kinds of attacks can work.

  • The attacker took out a flash loan and converted part of it the sUSD stablecoin, which has a pegged value to the US dollar
  • The attacker then put in a large order of sUSD using borrowed ETH, which artificially inflated the price of sUSD on Kyber Network
  • The bZx protocol thought that sUSD was worth 2X more than it really was, and the attacker used this price inflation to borrow 2X the amount of ETH than it would otherwise be allowed to under normal circumstances 
  • The attacker repaid the loan at the normal value, and stole the rest (inflated value difference)

Flash loans and their use of smart contacts only arrived on the Ethereum blockchain in 2020 so the technology is still relatively young. And one of the big debates in this area revolves around how simple it is for hackers to manipulate a protocol with very little upfront investment – where traditionally, in order to manipulate a protocol, a hacker would be forced to put up so much capital and resources it effectively wouldn’t be profitable. This was one of the major points of Satoshi Nakamoto’s original Bitcoin whitepaper.

DeFi Hacks Call For Stronger Governance and More Compliance

Relatively speaking, DeFi protocols are developed quickly and operate under little to no regulation – the kinds of conditions that attract hackers. But now, financial compliance entities including the Security Exchange Commission (SEC) are stepping in “to protect investor interests” (or so they put it). Many people in the crypto space believe that government regulation generally goes against the original ethos of cryptocurrency, but there’s no denying that some form of compliance will force the DeFi sector and crypto as a whole to move forward and do a better job of protecting its users. So below, we’ll look at some of the ways this is happening.

Government Regulation

DeFi services are accessible without KYC (Know Your Customer) guidelines, but governing and anti-money laundering entities are looking to change that. SEC Chair Gary Gensler is on record as saying DeFi projects are not immune to regulation being that many of the protocols, in the eyes of regulators, have features that make them resemble the kinds of projects the SEC would oversee. In addition to the SEC’s stance, organizations like Financial Action Task Force (FATF), who combat money laundering, have also taken focus on DeFi projects in an effort to protect investors, and possibly bring peace of mind to new people entering the space.

Better Overall Security 

One of the clear ways that hacks on DeFi protocols affect the space is in the area of security. With each hack, major holes in these projects are highlighted and hackers may even go so far as to siphon funds and then return them with notes to the protocol developers on how to make the project safer, as seen in the Poly Network attack of August 2021

Some of the ways DeFi security is improved as a result of hacks include:

Better Security Protocols – More secure protocols help avoid a number of attack vectors including frontrunning attacks, 51% attacks, inaccurate liquidity pool calculations and more as we’ve explained in this article.

Slower Development Cycles – Slower development cycles means more time for rigorous testing and proper smart contract audits, where mistakes in code can be found. 

Compliance Tools – Exchanges like Binance have started using compliance tools like CipherTrace to adhere to the FATF’s travel rule that identifies both parties in any given transaction, and “detect hacks and exploits of decentralized finance (DeFi) applications on Binance Smart Chain” as reported in CoinDesk.

Mandatory Bug Bounty Programs – Bug bounty programs provide compensation that will incentivize ethical hackers to get help make DeFi protocols more secure. This can also lead to the hacker working for the project long term which brings even more value to both sides and long-term security to DeFi protocols. 

For more information on DeFi security, smart contract audits and how to prevent exploits on your project, be sure to reach out to our security experts at halborn@protonmail.com