According to data provided by the blockchain analysis company – Elliptic – investors have lost $12 billion to criminals targeting decentralized finance platforms since the beginning of 2021. More than $10 billion of that amount accounts for cases of fraud and theft on DeFi products.

Seven Times More Than in 2020

Over the recent years, the total value locked in DeFi projects has skyrocketed from $500 million to nearly $250 billion. With this major increase, though, comes the risk of scams and exploits.

Since the start of the ongoing year, such fraudulent activities have accounted for $10.5 billion worth of user funds that have been stolen in cases of theft on decentralized finance products. In comparison, this number stood at $1.5 billion for the whole of 2020.

Tom Robinson – Chief Scientist at Elliptic – explained the negative statistics with the fact that the DeFi space has become an area of financial innovations where people allocate significant amounts of money. As such, it has turned out to be a tempting target for bad actors:

“The DeFi ecosystem is an incredibly exciting and fast-moving space, with financial services innovation happening at light speed. This is attracting large amounts of capital to projects that are not always robust or well-tested. Criminal actors have seen the opportunity to exploit this.”

DeFi platforms also lack a comprehensive regulatory framework. In an effort to address the issues in the sector, the US Securities and Exchange Commission (SEC) recently published a report on regulations, risks, and opportunities in it.

Caroline Crenshaw – Commissioner of the agency – asserted that her department has jurisdiction over DeFi, but no DeFi platform has registered with the regulator. Therefore, participants in the ecosystem remain unprotected by any legal authorities in case of criminal activities.

The PolyNetwork Drama

In August this year, the interoperability protocol – PolyNetwork – became a victim to a hacker who stole a record-breaking amount – over $600 million. The platform got exploited on Binance Smart Chain as the bad actor swiped the funds from at least three wallets.

However, the attacker turned out to be a white-hat hacker and started returning the funds from what became known as the biggest heist in DeFi history. Moreover, the perpetrator said they did it “for fun” willing to “expose the vulnerability” of such projects.

Subsequently, the attacker returned all the funds, and PolyNetwork was able to fully restore its system.