FBI: Hackers increasingly exploit DeFi bugs to steal cryptocurrency
The U.S. Federal Bureau of Investigation (FBI) is warning investors that cybercriminals are increasingly exploiting security vulnerabilities in Decentralized Finance (DeFi) platforms to steal cryptocurrency. “The FBI has observed cyber criminals exploiting vulnerabilities in the smart contracts governing DeFi platforms to steal investors’ cryptocurrency,” the federal law enforcement agency said. “The FBI encourages investors who suspect cybercriminals have stolen their DeFi investments to contact the FBI via the Internet Crime Complaint Center or their local FBI field office.” The public service announcement, published on the FBI’s Internet Crime Complaint Center (IC3) today, adds that out of roughly $1.3 billion in cryptocurrency stolen between January and March 2022, snatched almost 97 percent of it from DeFi platforms. Per FBI’s calculations, this amounts to a significant increase from 72 percent in 2021 and approximately 30 percent in 2020, respectively. Attackers have used various methods to hack and steal cryptocurrency from DeFi platforms, including initiating flash loans that trigger exploits in the platforms’ smart contracts and exploiting signature verification flaws in their token bridge to withdraw all investments.