"FBI: Hackers Increasingly Exploit DeFi Bugs to Steal Cryptocurrency"

The FBI has issued a warning to investors that cybercriminals are increasingly exploiting security flaws in Decentralized Finance (DeFi) platforms to steal cryptocurrency. Investors who believe cybercriminals have stolen their DeFi investments should contact the FBI through the Internet Crime Complaint Center (IC3) or their local FBI field office. The public service announcement adds that nearly 97 percent of the $1.3 billion in cryptocurrency stolen between January and March 2022 was taken from DeFi platforms. According to the FBI's calculations, this represents a significant increase from 72 percent in 2021 and around 30 percent in 2020. Attackers have used various methods to hack and steal cryptocurrency from DeFi platforms, including initiating flash loans that trigger exploits in the platforms' smart contracts and using signature verification flaws in their token bridge to withdraw investments. The agency has also observed cybercriminals manipulating cryptocurrency price pairs by exploiting a series of flaws, including the DeFi platforms' use of a single price oracle, and then conducting leveraged trades to avoid slippage checks. The FBI's warning follows an April Chainalysis report that revealed that, according to Q1 2022 data, DeFi cryptocurrency platforms are now more targeted than ever. In most cases, the attackers rely on security flaws in their code or a security breach on the platform to move cryptocurrency to addresses under their control. According to Chainalysis, most stolen assets were laundered in 2022 by threat actors using risky laundering services such as illegal exchanges and coin tumblers on the Dark Web. This article continues to discuss the FBI's warning regarding cybercriminals increasingly exploiting security flaws in DeFi platforms to steal cryptocurrency. 

Bleeping Computer reports "FBI: Hackers Increasingly Exploit DeFi Bugs to Steal Cryptocurrency"