Projekty DeFi straciły ponad 285 milionów dolarów z powodu oszustów
According to Messari analytics, DeFi projects lost more than $285 million in the past two years due to cybercriminals. The amount of money lost today is about 0.65% of the entire amount of funds blocked in the DeFi market.
The growing popularity of the decentralized finance industry has become somewhat disastrous for them. Since it attracted the attention of all sorts of scammers who wanted to get the funds invested by clients in various DeFi projects. Almost half of the cases of theft were associated with urgent loans (flash loan attacks). Fraudsters tricked lenders into thinking that the borrowers had repaid the loan. Although they themselves, of course, did not. Sometimes borrowers did not even have to assume that attackers used their data to defraud lenders. In the case of the “urgent loan attack” in the bZX protocol, the scammers temporarily increased the value of the token used to repay the loan. In another use case, attackers used this type of attack to gain additional votes in MakerDAO, which affected the entire community.
In addition to “urgent loans”, there are other more rude types of attackers in the industry. For example, exit scam or rug pull, when the project team is initially interested only in stealing investments. After what has been achieved, they try to “cover-up” all traces of their stay, at the same time removing social networks and other information available to users. It is possible to protect yourself from this type of scammers. It is enough not to invest in dubious projects and always carefully study the information about the members of the startup team on the network. It is not uncommon for photographs to turn out to be pictures from photo stocks, and the people themselves never existed.
In addition, there is a scam with temporary price manipulation and exploitation of vulnerabilities in oracles. Plus the indicative episode with Alpha Homora. Not only did they lose a record $37.5 million to their investors, but they also made the community question the quality of smart contract audits.
Be vigilant and don't be fooled by questionable projects. After all, you are always primarily responsible for all invested funds, and not the platform or the project team to which you entrusted them.