ImmuneFi report $10B in DeFi hacks and losses across 2021

Published at: Jan. 7, 2022

Decentralized finance, or DeFi, security platform and bug bounty service ImmuneFi published an official report on Thursday which calculated the total volume of losses in the cryptocurrency markets in 2021. According to its report, the company found that losses resulting from hacks, scams and other malicious activities exceeded $10.2 billion dollars over the past year.

Responsible for protecting over $100 billion worth of assets for a number of well-established DeFi protocols, including Synthetix, Chainlink, SushiSwap and PancakeSwap, among others, ImmuneFi has regularly facilitating seven-figure pay-outs to whitehat hackers and other good-willed entities for preventing protocol compromises.

According to the report, across 2021 there were 120 instances of crypto exploits or fraudulent rug-pulls, the highest valued hack being Poly Network at $613 million, followed by Venus and BitMart with $200 million and $150 million, respectively.

Other notable entries to the list were Alpha Finance and Cream Finance who were both hacked for $37.5 million, yearn.finance’s $11 million, Furucombo’s $14 million evil contract exploit, as well as the infamous Alchemix reverse rug in which the platform’s users claimed a welcome fortune due of $6.5 million after a withdrawal issue arose with one of the platform’s smart contracts synthetic assets, alETH.

The year of 2021 saw a stark rise in both the frequency and volume of security breaches in comparison to the previous year which recorded 123 incidences totalling $4.38 billion, a 137% percentage increase.

We've just released our report for 2021 on crypto losses stemming from hacks and scams. In total, the DeFi ecosystem saw a loss of $10,210,188,549 Read more facts and figures here:https://t.co/gCWiOqjhhZ pic.twitter.com/zEX28yg0vD

— Immunefi (@immunefi) January 7, 2022

In conversation with Cointelegraph, CEO and Founder of Immunefi, Mitchell Amador, spoke of his optimism for the future of onchain security, despite what he described as a “year of dramatic losses” for the industry.

“Despite the appearance of entirely new vulnerabilities in the onchain economy, the community is adapting rapidly. At Immunefi alone, we saved double the amount lost to exploitation this year, and security best practices are circulating throughout the community.”

Amador cited ImmuneFi’s role in facilitating Polygon’s recent $3.47 million pay-out to two whitehat hackers for their instrumental role in averting what was described as “critical” vulnerability in the network’s proof-of-stake Genesis contract placing almost all of the MATIC token supply of $10 billion at risk.

Related: Recounting 2021’s biggest DeFi hacking incidents

In September last year, ImmuneFi organized what was reported at the time as being the largest bounty in the history of DeFi to renowned white hat programmer Alexander Schlindwein for averting a potential $10-million bug crisis in automated market maker, or AMM, protocol Belt Finance.

Schlindwein received a compensation of $1.05 million in total, $1 million of which was granted by Belt Finance with ImmuneFi acting as the middleman, and the remaining $50,000 offered by Binance Smart Chain’s Priority One program.

In October, ImmuneFi announced a $5.5 million capital raise from a number of institutional investors, including Blueprint Forest, Electric Capital, with the intention of expanding its security services across the DeFi industry in a concerted effort to lower the prevalence and financial impact of benevolent security exploits in the space.

Tags
Related Posts
The perfect storm: DeFi hacks will advance the crypto sector moving forward
The rise of decentralized finance, or DeFi, could be paving the way toward a fully decentralized financial ecosystem. Yet, given the innovative nature of DeFi, the sector remains in constant development and is therefore prone to a number of vulnerabilities. Unsurprisingly, one of the biggest challenges currently facing the DeFi sector is security threats. This has become apparent as more DeFi hacks continue to wreak havoc across the crypto community. Most recently, the largest DeFi hack within the crypto industry took place. The Poly Network hack resulted in over $600 million dollars removed, and then returned, from Binance Chain, Ethereum …
Decentralization / Aug. 17, 2021
Poly Network hacker appears ready to return stolen funds
Following a massive $600-million exploit of cross-chain protocol Poly Network, the Poly Network hacker has claimed his willingness to return the stolen cryptocurrency funds. At about 4:00 am UTC on Wednesday, the hacker sent an Ethereum transaction to themselves, stating that they were “ready to return the fund” in an embedded transaction message. In a subsequent message, the hacker asked for a multisig wallet address to return the funds to Poly Network. “Failed to contact the poly. I need a secured multisig wallet from you,” the hacker noted. Poly Network’s Twitter account posted an update on Wednesday, providing three separate …
Decentralization / Aug. 11, 2021
The radical need for updating blockchain security protocols
Decentralized finance (DeFi) is here to stay with over $100 billion in total value locked (TVL), highlighting the evidence of faith in these new financial tools. This investment will continue to increase, but it appears that with each new record in TVL, there is another network attack being reported with astronomical losses. Crypto crime dropped 57% in 2020, but DeFi hacks surged, costing companies and investors billions of U.S. dollars. In March alone, there were several attacks within just a five-day period, with Paid Network losing $180 million. Later in May, PancakeBunny lost more than $200 million in a flash …
Decentralization / June 25, 2021
The importance of decentralized oracles: Interview with Sergey Nazarov
Chainlink co-founder Sergey Nazarov believes that increasing the decentralization and scalability of oracle technologies are key to ensure trust in the DeFi ecosystem. Oracles play a key role in the correct functioning of DeFI protocols by connecting them to real-world data. However, the trustworthiness of oracles becomes compromised in instances where they rely on a single data source to retrieve information. For instance, according to Nazarov, excessively centralized oracles enabled five recent flash loan attacks, which resulted in DeFi protocols losing around $40 million. Flash loans, a form of loan that does not require any collateral, can be used to …
Decentralization / Dec. 19, 2020
Finance Redefined: Two DeFi hacks top $120M, and $500M Algo Fund launches, Nov. 26–Dec. 3
Welcome to the latest edition of Cointelegraph’s decentralized finance newsletter. A week packed with positive advancements in the DeFi space including nine-figure fund raises, successful product launches and soaring token prices was somewhat tarnished by the news of two severe security exploits. Read on to get the full scope of developments across the week. What you’re about to read is the smaller version of this newsletter designed for brevity. For the full version of DeFi’s developments over the last week, drop your email below. Borderless Capital launches $500M fund to support Algorand ecosystem Capital venture firm Borderless Capital announced the …
Decentralization / Dec. 3, 2021