Ari Redbord, a former prosecutor with the US Department of Justice (DoJ), now serving as Head of Legal and Government Affairs at TRM Labs, say hackers are getting more sophisticated. To protect themselves, he is urging DeFi platforms to develop and implement robust cybersecurity measures to prevent losses.
In his assessment, the legal chief told CoinDesk in an interview that identifying and tracing illicit activity on DeFi platforms will require enhanced “blockchain intelligence tools” to detect and track cryptocurrency mixers before bad actors can launder funds. These tools will help to fortify the security and integrity of trustless protocols, enabling law enforcement and cybersecurity experts to track and prevent illegal activities.
He also stated that while those seeking to engage in illegal activity within the DeFi industry are becoming sophisticated, regulations, tools, and individuals are being improved as a counteractive measure. Therefore, in light of the inevitable technological and regulatory evolution, Ari advises DeFi platforms to continuously adapt and improve their security measures to stay ahead of the curve.
TRM Labs reported that over $3.6 billion in cryptocurrency was lost to fraud in 2022, with roughly $3 billion targeting DeFi protocols whose liquidity is high, a honeypot for cybercriminals. Ari said most DeFi protocols are falling to hackers because they are new and have yet to develop robust security measures to keep clients’ funds safe.
Techniques cybercriminals employ
The US Federal Bureau of Investigation (FBI) had warned DeFi networks about potential attacks, stating that hackers exploit vulnerabilities in the contracts that govern these networks. They are advising DeFi platforms to be vigilant and take steps to secure their systems to protect against these types of threats.
The investigative agency outlines three fundamental methods hackers use to target DeFi platforms. One option is to initiate a flash loan, as was done in the November 2021 assault on the Ethereum DeFi Initiative bZx, which resulted in the theft of $55 million in bitcoin. Another technique is to attack flaws in a DeFi platform’s token bridge, as was observed earlier in August with the Nomad token bridge.
The FBI also revealed a third strategy involving altering cryptocurrency rates by attacking numerous flaws, such as reliance on a single pricing oracle. This technique was used in the April 2022 Deus Finance exploit, during which criminals got away with $13.4 million.