There are many ways to make money in decentralized finance (DeFi). There are also many ways to lose it. In addition to buying the wrong tokens at the wrong time or becoming a holder of the illiquid non-fungible token (NFT) pool, scams and hacks are common.
In the last three years, the tools we use to interact with DeFi, web wallets, platforms and protocols, have become more user friendly. But at the same time, phishing attempts, hacks, and fraud have increased. There is an arms race going on, with DeFi advocates working to bolster their protocols against attackers. It is a high-stakes battle, with the very future of DeFi at stake.
Hackers will keep hacking
There is a misconception that only new users fall victim to hackers. They make mistakes, clicking on phishing links or responding to fraudulent messages. Although beginners have fallen for it, the truth is that anyone can be a target. Even DeFi veterans can fall; all it takes is a moment of inattention.
Web3 platforms that require users to sign a transaction to confirm ownership of the wallet are one such pain point. In many cases, it is not clear what you are signing or why. All it takes is a compromised Twitter account or a front-end code injection for a hacker to turn a reputable web3 platform into a honeypot.
Defenders will continue to defend
DeFi advocates, including white hats, security researchers, and interface designers, have been fighting back, arming users with the tools to detect threats. Browser extensions have been developed that alert users to the permissions they grant each time they sign a transaction. These detect malicious signature requests effectively. However, popups caused by these additional steps risk causing notification fatigue.
Other solutions seek to dig deeper into the smart contracts that DeFi users interact with to determine if they contain malicious code. block fence has developed an interface that warns web3 users of any dangers they are inadvertently interacting with. Its layer of protection combines complex analytics, machine learning algorithms, and accumulated community data to create a broader picture of systemic risk. is recently seen success in saving unsuspecting users from an ETH Denver phishing website.
These solutions must be complemented with tools that can protect against other attack vectors. Bridges, vital conduits for moving money between blockchains, are weak spots. Last year, $2 billion was lost due to bridge vulnerabilities. The industry needs stronger solutions to move assets between chains and identify attacks before millions of dollars can be exfiltrated.
of white hats hacking again With increased forensic tools to track and potentially freeze stolen funds, DeFi users are equipped. But until the annual amount of stolen crypto starts to decline, it’s hard to argue that the good guys are winning the battle. Despite all the progress made, DeFi is still vulnerable.
Disclosure: This content is provided by a third party. crypto.news does not endorse any products mentioned on this page. Users should do their own research before taking any action related to the Company.
