Business
The Rising Threat of DeFi Hacks: Trends and Insights from 2023
Explore the alarming increase in DeFi hacks in 2023. Uncover trends, statistics, and expert insights on how these vulnerabilities impact the decentralized finance landscape and what measures can be taken to enhance security.
Decentralized Finance (DeFi) Hacks: An Ongoing Threat
Despite a notable decrease in the total amount stolen in 2023, hacks targeting decentralized finance (DeFi) platforms continue to pose a significant risk to the industry. A recent report by the blockchain security firm Halborn delves into the alarming trends surrounding DeFi hacks, summarizing the top 100 incidents that have occurred between 2016 and 2023. The cumulative value of these hacks amounts to a staggering $7.4 billion, with the majority of these attacks being executed on platforms such as Ethereum, Binance Smart Chain, and Polygon.
The report highlights that while on-chain hacks—such as smart contract exploitation, price manipulation, and governance attacks—are the most common, off-chain attacks, including private key theft, account for 29% of all incidents and approximately 34.6% of the total funds stolen. In 2023, off-chain attacks escalated, making up 56.5% of the total attacks and resulting in 57.5% of the stolen amounts.
Alarmingly, only 21% of the hacked protocols employed multi-signature (multi-sig) wallets, which enhance security by requiring multiple approvals for transactions to proceed. Halborn’s findings also indicate that the majority of on-chain attacks targeted protocols that had not undergone thorough auditing. A critical factor contributing to these losses in smart contract exploitation is the lack of rigorous input verification and validation within the protocols.
Cross-chain bridges have emerged as a prominent attack vector for malicious actors. Halborn advises protocols to conduct careful reviews of their code before integrating any cross-chain bridge solutions. A recent example of this vulnerability was highlighted by the hacking of the Ronin Bridge, which resulted in a loss of $12 million. This incident follows a more significant exploit of $625 million that targeted the same protocol two years earlier.
Additionally, an earlier report by Immunefi revealed that hacks aimed at DeFi platforms led to losses totaling $473 million during the first half of 2024 alone. This underscores the persistent and evolving threat that DeFi hacks represent in the current financial landscape.