2. Introduction
Decentralized Finance (DeFi) has revolutionized the traditional financial services
ecosystem by utilizing blockchain technology to remove intermediaries. The result?
Faster, more efficient, and cheaper financial services. However, despite its numerous
advantages, the security of DeFi protocols has become a significant concern in recent
times.
Reportedly, back in 2020, hackers stole around $100 million from DeFi projects.
The staggering financial losses incurred due to the DeFi hacks highlighted the need to
identify the causes of such exploits and develop preventive measures.
So, what are the most popular DeFi hacks you should know about, and what can you
learn from them?
Let’s find out in this post.
3. What are DeFi Hacks?
Bitcoin’s launch marked the initiation of DeFi, which has since expanded to include DApps
(decentralized applications) that offer all sorts of traditional financial services with the
added factor of decentralization. As of March 2023, the reported total value locked (TVL)
in DeFi protocols is $47.97 billion.
Despite the popularity of DeFi, news of the big DeFi hacks of the past few years, combined
with the fear, uncertainty, and doubt (FUD) brought on by the 2022 bear run for crypto and
the collapse of big names in crypto such as the exchange FTX, discourages many users from
shifting over to decentralized finance. DeFi hacks usually target commonly used
decentralized finance protocols, resulting in significant financial losses.
These losses not only affect individual users but also create a general loss of trust in the
viability of DeFi as an alternative to traditional financial services.
4. How do Hackers Exploit DeFi?
DeFi protocols are vulnerable to various attacks and hacking attempts due to their
open-source nature, their composability, and the fast-paced development cycle of DeFi projects.
Hackers exploit DeFi protocols through various methods. One of the most popular DeFi
hacks is a smart contract exploit, which involves exploiting flaws in the code of the smart
contract used by the DeFi protocol. This method allows hackers to manipulate the DeFi
protocol’s behavior and steal users’ assets.
In a rug pull, the hacker creates a fake DeFi project and convinces users to invest their
funds. Once enough funds have been collected, the hacker withdraws all the assets and
disappears, leaving users with worthless tokens.
5. Oracle Manipulation
Oracle price manipulation is a common DeFi hack in which attackers manipulate an oracle
smart contract, leading to system failure, theft, and damages. Oracles provide real-world
data to blockchains, with price feeds being the most exploited data. Oracles can gather
price information from centralized exchanges via APIs, or from decentralized exchanges
that are prone to manipulation.
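To show why a price read directly from a decentralized exchange is fragile, the following added example (not part of the original post) models a pool whose spot price is skewed by one large trade and a consumer-side check that refuses such a price. The constant-product pool model, the reserves, the time-weighted average (TWAP) used as the reference and the 5% threshold are all assumptions chosen for illustration; the page names none of them.

```python
from dataclasses import dataclass

@dataclass
class Pool:
    """Constant-product (base * quote = k) pool, fees ignored. Assumed model."""
    base: float   # reserve of the asset being priced
    quote: float  # reserve of the asset it is priced in

    def spot_price(self) -> float:
        return self.quote / self.base

    def swap_quote_in(self, amount: float) -> float:
        """Add `amount` of quote to the pool and return the base paid out."""
        k = self.base * self.quote
        new_quote = self.quote + amount
        new_base = k / new_quote
        paid_out = self.base - new_base
        self.base, self.quote = new_base, new_quote
        return paid_out

def twap(observations):
    """Time-weighted average of (price, seconds_held) observations."""
    total_time = sum(seconds for _, seconds in observations)
    return sum(price * seconds for price, seconds in observations) / total_time

def checked_price(spot, reference, max_deviation=0.05):
    """Return spot only if it is within max_deviation of the reference price."""
    deviation = abs(spot - reference) / reference
    if deviation > max_deviation:
        raise ValueError(f"spot deviates {deviation:.0%} from reference; refusing to price")
    return spot

def simulate():
    """Constructed scenario: nine quiet 12-second blocks, then one large trade."""
    pool = Pool(base=1_000.0, quote=1_000_000.0)           # spot price 1000
    history = [(pool.spot_price(), 12.0) for _ in range(9)]
    pool.swap_quote_in(1_000_000.0)                         # single-block skew
    skewed = pool.spot_price()
    history.append((skewed, 12.0))
    return skewed, twap(history)

if __name__ == "__main__":
    skewed, average = simulate()
    print(f"spot after trade: {skewed:.0f}, TWAP: {average:.0f}")
    try:
        checked_price(skewed, average)
    except ValueError as err:
        print("rejected:", err)
```

A consumer that trusts the spot value sees the asset at four times its earlier price, while the time-weighted value moves far less and the deviation check fails closed.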
6. Smart Contract Logic Errors
The fast-paced launch of DeFi projects can lead to developers missing seemingly trivial
errors, leaving the projects susceptible to exploitation by DeFi hackers. The open-source
nature of DeFi protocols allows attackers to view the smart contract code and identify
glitches for exploitation.