The FBI warns DeFi users against hackers and cryptocurrency scams
Hackers and cryptocurrency scams are forcing US law to focus on decentralized finance.
The US Federal Bureau of Investigation (FBI) has just issued a new investor warning about Decentralized Financial Platforms (DeFi), targeted by over $ 1.6 billion in attacks during 2022!
Hackers focus on decentralized finance. The FBI advises DeFi users to exercise caution
In an August 29 announcement on the FBI's Internet Crime Complaint Center website, the agency said the scams had resulted in a large amount of money being lost to investors - advising them to always conduct a careful research on Defi platforms before using them. In addition, the FBI addressed the owners of DeFi platforms, urging them to improve monitoring and conduct rigorous testing of their security.
Law enforcement warned that cybercriminals are constantly intensifying their activities to take advantage of investor's growing interest in the world of cryptocurrencies, as well as the complexity of the cross-chain functionality and open nature of Defi platforms.
The FBI has observed cybercriminals exploiting vulnerabilities in the smart contracts that DeFi platforms rely on to steal investor-owned cryptocurrencies. In a specific example, the FBI listed cases where hackers used a "signature verification gap" to seize an estimated $ 321 million from Wormhole back in February of this year. FBI agents also mentioned the flash loan attack that was used to launch the Solan DeFi Nirvana protocol exploit in July.
However, this is only a drop in a huge ocean of attacks. According to the analysis of the popular audit company CertiK dealing with blockchain security, more than 1.6 billion dollars have been stolen from the DeFi space since the beginning of the year. It should be mentioned here that it is more than during the two previous years combined.
The FBI recommends due diligence and regular security testing
While the FBI admitted that "all investments come with some risk," the agency recommended that investors investigate DeFi platforms before using them, and if in doubt, seek advice from a licensed financial adviser.
The agency also stated that it is also very important that the quality of the platform code is solid. The FBI also places emphasis on ensuring that individual DeFi projects have one or more code audits performed by independent specialists. A code audit normally includes a platform review to identify any gaps or weaknesses that could be exploited.
According to the FBI, DeFi investment pools with "limited time frames to join" or "rapid deployment of smart contracts" should also be handled with extreme caution, especially if they have not performed a code audit.
Crowdsourcing solutions that generate ideas or content by sourcing input from a large group of people have also been flagged as potentially unsafe by law enforcement.
"Open source repositories allow unfettered access for all people, including those with evil intentions," comments the FBI.
The FBI said DeFi platforms could also take steps to increase security by regularly testing their code to identify vulnerabilities, along with real-time analytics and monitoring.
However, if all this cannot be achieved in the near future, the FBI is calling on US investors targeted by hackers to contact agents through the Internet Crime Complaint Center or the local FBI field office.
Earlier this year, US Assistant Attorney General Lisa Monaco announced that the FBI was stepping up its efforts to tackle crime in the digital asset space by creating a Virtual Asset Exploitation Unit.
A specialized team of investigators is fully devoted to cryptocurrencies and includes experienced experts whose goal is to help with blockchain analysis. All of this is intended to obstruct the operation of international criminal networks, not just to prosecute them.