Half of 2020 crypto hacks come from DeFi Protocols and Exchanges Exchange
This blog is an excerpt from the upcoming CipherTrace 2020 Cryptocurrency Crime and Anti-Money Laundering Report
- In the first half of 2020, DeFi accounted for 45% of all thefts and hacks ($ 51.5 million or 40% of the volume hacked).
- In the second half of 2020, DeFi accounted for 50% of all thefts and hacks ($ 47.7 million or 14% of the volume hacked).
- So far, DeFi hacks in 2020 account for 21% of the hacking and theft volume in 2020.
- Funds from the biggest hack in 2020 (KuCoin $ 281 million) were laundered through DeFi.
- In 2019, the DeFi hack volume was practically negligible.
- Rise in thefts likely attributed to the recent DeFi boom.
The USD value locked in DeFi grew exponentially in 2020, creating potential new money laundering risks as hacked DeFi logs make up the majority of crypto thefts in 2020 and decentralized exchanges were a preferred port of call for the KuCoin hack in 2020 .
According to CoinGecko, DeFi blocked 31% – $ 14.2 billion – of Ethereum’s total market cap on October 27, 2020. That’s an increase of over 700% from the $ 1.7 billion held in DeFi in early 2020. This exponential boom outperforms the 70 percent increase from early 2019, when DeFi market cap was only $ 1.0 billion, to early 2020. It is this boom that ultimately attracted criminal hackers for DeFi, leading to those so far resulted in most DeFi hacks in a year.
In the first six months of 2020, 45% of all thefts were DeFi hacks, which equates to about $ 51.5 million – 40% of the volume hacked for that period. So far, in the second half of 2020, DeFi has dominated 50% of all thefts, as well as roughly $ 47.7 million – 14% of the volume hacked for that period. That lower percentage of the total hack volume in the second half of 2020 is due to the KuCoin hack, which totaled nearly $ 281 million. Overall, DeFi hacks accounted for 21% of the theft volume in 2020, while the DeFi hack volume in 2019 was practically negligible. If the KuCoin variable were removed, DeFi hacks would take over 50% of the total volume. Although KuCoin is a centralized exchange, even this hack was touched by DeFi when the criminals tried to launder the stolen funds through one of the largest decentralized exchanges in the world – Uniswap.
DeFi logs are inherently license-free, which means that they often lack clear regulatory compliance and can be accessed by anyone in any country with little to no KYC information collected. As a result, DeFi can easily become a haven for money launderers.
It seems that regulators are starting to pay more attention to DeFi and its compliance requirements. Unsurprisingly, the untested smart contracts that many DeFi projects rely on often have vulnerabilities that malicious actors can exploit. Olaf Carlson-Wee, founder and CEO of Polychain Capital, recently said in an episode of Unchained: “I think it scares me a little about how much capital is put into unaudited contracts. Overall, I think security audits are an important part of the maturation of any of these systems. ”As DeFi continues to grow, it is plausible that DeFi projects could fall within the purview of global regulators. The FATF is already looking at decentralized exchanges VASPs and FinCEN applies the same regulatory considerations to DEXs as to Bitcoin ATMs, regardless of whether they are profit-oriented.
The US Securities and Exchange Commission (SEC) has identified DeFi projects that have been exposed to vulnerabilities, hacks, attacks, fraud and manipulation. At the Parallel Summit on September 18, crypto tsarina Valerie Szczepanik told the SEC: “If you walk [Defi] Things on the code and you post it in the wild you are missing a step and you may want to test the code, audit the code, you may want to have a peer review of the code; It is risky to broadcast it live right away without these protections. “Don’t get caught up in the hype surrounding the IPO market,” warned Val. “Hype leads to fraud, can lead to poor code implementations and inadequate testing. If the industry takes the time to get it right and sits down with regulators to help them do this, then good things will seep up and you will enjoy the benefits that come with distributed ledger technology. “
On the flip side, the EU has introduced Markets in Crypto Assets (MiCA), a proposed regulation that, if passed, will prohibit decentralized exchanges from trading with EU citizens unless they are incorporated and registered as a legal entity in the office a Member State.
It’s clear that DeFi has become one of the fastest growing trends in the crypto industry, akin to the 2017 ICO craze, so it’s important to be aware of your money laundering risks. DEXs have no way of freezing funds like a centralized exchange; Instead, that power rests with the individual DeFi projects themselves. However, unless the right steps are taken to ensure the security of the smart contracts that many DeFi projects rely on, DeFi is likely to continue to suffer only as a result of inadequate AML and security suffer.