Why the FBI Warned Crypto Investors of Increased Cyber Attacks
In 2022, bad actors have turned their attention to the crypto and decentralized finance (DeFi) sectors. Cybercriminals have stepped up their efforts to steal funds from users by attacking different protocols. As a result, hackers were able to extract over $2 billion from their criminal activities.
The US Federal Bureau of Investigation (FBI) issued a warning against another potential spike in cyber attacks against crypto and DeFi. The law enforcement agency and other legal entities in this country have identified several hacker groups with ties to rogue nations.
As Bitcoinist reported, North Korean-backed hacker groups appear to be the most prolific in attacking DeFi and crypto projects. The infamous Lazarus Group and others have collected over $1 billion in crypto theft. The funds will reportedly be used to support the country’s nuclear program.
The US FBI said the following about the alleged growing trend of cyberattacks by bad actors on crypto and its DeFi sector:
The FBI has observed cybercriminals exploiting vulnerabilities in the smart contracts that govern DeFi platforms to steal investors’ cryptocurrency. The FBI encourages investors who suspect that cybercriminals have stolen their DeFi investments to contact the FBI through the Internet Crime Complaint Center or their local FBI field office.
Data provided by the FBI indicates that hackers have managed to steal around $1.3 billion in cryptocurrencies from January to March 2022 alone. This represents a 72% increase compared to Q1 2021. DeFi platforms are the main focus of these attacks.
US authorities believe the rise in DeFi adoption, the “complexities” of using smart contracts and DeFi protocols, and the open source nature of the sector have made it particularly vulnerable to bad actors.
Notorious 2022 Crypto Hacks, According to the FBI
The law enforcement agency highlighted some of the methods that hackers use to steal from crypto investors. Protocols known as “bridges,” which enable users to trade assets from different blockchains, have been some of the most affected at the peak of cyberattacks.
Hackers have managed to exploit a “signature verification vulnerability” in a DeFi bridge and authorize the withdrawal of over $320 million from the platform. Other attacks target protocols that offer “flash loans”.
Hacks have been able to manipulate other vulnerabilities in the sector, the FBI said, including price oracles and trading products with “price calculation errors”. For users, the FBI recommended researching potential investments and DeFi protocols before sending money to the platform.
In addition, the FBI advised users to look closely at the projects’ security audits to verify their level of security. For developers, the law enforcement agency recommended:
Initiate real-time analysis, monitoring and rigorous testing of code to more quickly identify vulnerabilities and respond to indicators of suspicious activity. Develop and implement an incident response plan that includes notifying investors when smart contract exploitation, vulnerabilities, or other suspicious activity is discovered.