The United States Federal Bureau of Investigation (FBI) has issued a new warning for investors in decentralized finance platforms (DeFi), which have been targeted by exploits worth $1.6 billion in 2022.
In a public service announcement posted Tuesday by the FBI’s Internet Crime Complaint Center, The agency said the exploits have cost investors money, advising investors to conduct diligent research on DeFi platforms before using them, while urging platforms to improve oversight and conduct more code testing. rigorous.
The security agency warned that cybercriminals have joined forces to take advantage of “increasing investor interest in cryptocurrencies” and “the complexity of cross-chain functionality and the open source nature of DeFi platforms.”
the #FBI warns that cyber criminals are increasingly exploiting vulnerabilities in decentralized finance (DeFi) platforms to steal cryptocurrency investors. If you think you are the victim of this, contact your local FBI field office or IC3. Learn more: https://t.co/fboL1N17JN pic.twitter.com/VKdbpbmEU1
— FBI (@FBI) August 29, 2022
The FBI warns that cybercriminals are increasingly exploiting vulnerabilities in decentralized finance (DeFi) platforms to steal crypto from investors. If you think you are a victim of this, contact your local FBI office or IC3. More information:
The FBI noted that cybercriminals exploited vulnerabilities in the smart contracts that govern DeFi platforms to steal investors’ cryptocurrencies.
In a concrete example, the FBI cited cases in which hackers used a “signature verification vulnerability” to steal $321 million from the Wormhole token bridge by February. He also mentioned a flash lending attack that was used to trigger an exploit on the Solana DeFi Nirvana protocol in July.
However, that is just a drop in a vast ocean. According to an analysis by blockchain security firm CertiK, Since the start of the year, more than $1.6 billion has been stolen from the DeFi space, exceeding the total amount stolen in 2020 and 2021 combined.
The FBI recommends due diligence and extensive testing
Although the FBI admitted that “every investment involves some risk,” The agency has recommended that investors thoroughly research DeFi platforms before using them and, if in doubt, seek the advice of a licensed financial advisor.
The agency also said that it is very important that the protocols of the platform are solid and that they make sure that they have had one or more code audits carried out by independent auditors.
Typically, a code audit involves a review of the underlying code of the platforms to identify vulnerabilities or weaknesses, which could be exploited.
According to the FBI, any DeFi investment fund with an “extremely limited time to join” or “rapid deployment of smart contracts” should also be approached with extreme caution, especially if they haven’t done a code audit.
Crowdsourced solutions, which generate ideas or content by soliciting contributions from a large group of people, were also noted. as suspicious by the security agency:
“Open source repositories allow unrestricted access to all individuals, including those with nefarious intent.”
The FBI said that DeFi platforms can also do their part to increase security by regularly testing their code for vulnerabilities, along with real-time monitoring and analysis.
An incident response plan and information to users about possible platform vulnerabilities, hacks, exploits or other suspicious activities are also some of the recommendations.
However, in the absence of all this, The FBI encourages US investors who are targeted by hackers to contact them through the Internet Crime Complaint Center or their local FBI office.
Earlier this year, US Deputy Attorney General Lisa Monaco announced that the FBI was stepping up its efforts to tackle crime in the digital asset space with the formation of the Virtual Asset Exploitation Unit. .
The specialized team is dedicated to cryptocurrencies and includes experts to help with blockchain analysis as part of a shift in focus towards disrupting international criminal networks.rather than just his chase.
Clarification: The information and/or opinions expressed in this article do not necessarily represent the views or editorial line of Cointelegraph. The information set forth herein should not be taken as financial advice or investment recommendation. All investment and commercial movement involve risks and it is the responsibility of each person to do their due research before making an investment decision.
Keep reading:
Investments in crypto assets are not regulated. They may not be suitable for retail investors and the full amount invested may be lost. The services or products offered are not aimed at or accessible to investors in Spain.