Vladislav Sopov
Kofi Kufuor, Partner at Crypto Investment Heavyweight 1confirmation, shares a detailed analysis of attacks on crypto protocols
contents
- Four main types of attacks in DeFi
- Multi-chain apps and bridges under attack
Kofi Kufuor proposed his own classification of attacks on decentralized finance (DeFi) protocols, pointing to core vulnerabilities facing this turbulent segment.
Four main types of attacks in DeFi
According to his in-depth post, all attacks that resulted in money being stolen from crypto protocols can be divided into four types based on the “vulnerability stack”.
1/ I have collected over $4 billion worth of crypto application hack data
In this article, I break down how the hacks were carried out, the tools we have to prevent history from repeating itself, and predictions for the future of crypto securityhttps://t.co/W2A9lPz69O
— Coffee (@0xCoffee) October 6,
However, all recent attacks are carried out against either the ecosystem, the protocol, the smart contract language, or the infrastructure. Infrastructure attacks target consensus weaknesses, internet systems behind DeFis, private keys, and so on.
Smart contract language attacks exploit design flaws of programming languages used for smart contract creation. Protocol logic attacks are executed under bad business logic and tokenomic weaknesses.
To sue
Last but not least, ecosystem attacks target the interactions between different DeFi protocols: to initiate (or amplify) an attack, malefactors borrow money from one protocol and inject it into the liquidity pools of another DeFi.
Multi-chain apps and bridges under attack
Attacks on ecosystems are the most common: over 41% of all DeFi hacks belong to this group. If we simultaneously exclude the three most devastating hacks from the analysis (Ronin Bridge, Poly Network, BNB Chain Bridge), infrastructure attacks resulted in the largest losses.
Of the ecosystem hacks, flash loan attacks using price oracles are the most common; various private key attacks (phishing, brute force, compromised keys, etc.) dominate anti-infrastructure hacks.
Ethereum-based apps witnessed $2 billion in stolen funds. More than half of the attacks in 2020-2022 targeted cross-network bridges and multi-blockchain apps.
Learn Crypto Trading, Yield Farms, Income strategies and more at CrytoAnswers
https://nov.link/cryptoanswers
Comments are closed.