The Federal Bureau of Investigation has issued a global alert warning investors about planned scams intended to steal users’ funds, including the risks involved in using decentralized finance platforms.
In a statement released on Tuesday, the FBI recommended that crypto investors conduct thorough research on DeFi platforms, smart contracts, and protocols before using them, to better understand the potential risks before investing. Among the things to look out for, according to the FBI, are platforms that have had their code audited at least once.
“Ensure the DeFi investment platform has conducted one or more code audits performed by independent auditors. A code audit typically involves a thorough review and analysis of the platform’s underlying code to identify vulnerabilities or weaknesses in the code that could negatively impact the platform’s performance,” the FBI said in its recommendations.
The FBI also stated that it had monitored cybercriminals exploiting vulnerabilities in the smart contracts governing DeFi platforms, using an investment strategy or self-executing contracts with “an agreement between the buyer and seller written directly into lines of code that exist across a distributed decentralized blockchain network”. These exploits have generated profits for the criminals that victims can’t claim for now.
“The FBI encourages investors who suspect cybercriminals have stolen their crypto investments to contact the FBI via the Internet Crime Complaint Center or their local FBI field office,” the agency said in its statement.
The rise of DeFi hacks
The FBI hastened to add that the scammers who have widely spammed the industry are targeting investors using the complexity of cross-chain functionality and the open nature of DeFi platforms.
“Cybercriminals are exploiting security flaws in the smart contracts governing DeFi platforms to steal virtual currency and cause investors to lose money,” the agency said.
It is estimated that between January and March, criminals stole about 97% of the $1.3 billion in cryptocurrencies from DeFi platforms, an increase from 72% in 2021 and 30% in 2020. Cybercriminals have also tried to steal using flash loans, causing a loss of $3 million in crypto.
FBI makes recommendations to DeFi platforms
DeFi users have been given an opportunity to borrow and lend assets in a similar manner to that of banks, but these assets are not backed by insurance and are more vulnerable to hacks and exploits due to the lack of government policies regulating them.
The agency recommended that DeFi platforms implement analytics, monitoring, and testing of code to address potential vulnerabilities that could lead to contract exploitation. Over the past few years, several experts have advised companies that the most effective and sustainable approach is to implement security software that uses multifactor authentication (MFA), but platforms are yet to embrace it.