TechCentralTechCentral
    Facebook Twitter YouTube LinkedIn
    Facebook Twitter LinkedIn YouTube
    TechCentral TechCentral
    NEWSLETTER
    • News

      Unlawful Eskom strike costing South Africa three stages of load shedding

      1 July 2022

      Google.co.za is down and the domain is pending deletion

      1 July 2022

      US files charges over South African bitcoin fraud scheme

      1 July 2022

      Hein Engelbrecht to lead Mustek as its new CEO

      1 July 2022

      Alviva shares leap higher on R3-billion take-private offer

      30 June 2022
    • World

      Meta girds for ‘fierce’ headwinds

      1 July 2022

      Graphics card prices plummet as crypto demand dries up

      30 June 2022

      Bitcoin just had its worst quarter in a decade

      30 June 2022

      Samsung beats TSMC to 3nm chip production

      30 June 2022

      Napster plots crypto comeback

      29 June 2022
    • In-depth

      The NFT party is over

      30 June 2022

      The great crypto crash: the fallout, and what happens next

      22 June 2022

      Goodbye, Internet Explorer – you really won’t be missed

      19 June 2022

      Oracle’s database dominance threatened by rise of cloud-first rivals

      13 June 2022

      Everything Apple announced at WWDC – in less than 500 words

      7 June 2022
    • Podcasts

      How your organisation can triage its information security risk

      22 June 2022

      Everything PC S01E06 – ‘Apple Silicon’

      15 June 2022

      The youth might just save us

      15 June 2022

      Everything PC S01E05 – ‘Nvidia: The Green Goblin’

      8 June 2022

      Everything PC S01E04 – ‘The story of Intel – part 2’

      1 June 2022
    • Opinion

      Has South Africa’s advertising industry lost its way?

      21 June 2022

      Rob Lith: What Icasa’s spectrum auction means for SA companies

      13 June 2022

      A proposed solution to crypto’s stablecoin problem

      19 May 2022

      From spectrum to roads, why fixing SA’s problems is an uphill battle

      19 April 2022

      How AI is being deployed in the fight against cybercriminals

      8 April 2022
    • Company Hubs
      • 1-grid
      • Altron Document Solutions
      • Amplitude
      • Atvance Intellect
      • Axiz
      • BOATech
      • CallMiner
      • Digital Generation
      • E4
      • ESET
      • Euphoria Telecom
      • IBM
      • Kyocera Document Solutions
      • Microsoft
      • Nutanix
      • One Trust
      • Pinnacle
      • Skybox Security
      • SkyWire
      • Tarsus on Demand
      • Videri Digital
      • Zendesk
    • Sections
      • Banking
      • Broadcasting and Media
      • Cloud computing
      • Consumer electronics
      • Cryptocurrencies
      • Education and skills
      • Energy
      • Fintech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Motoring and transport
      • Public sector
      • Science
      • Social media
      • Talent and leadership
      • Telecoms
    • Advertise
    TechCentralTechCentral
    Home»Sections»Cryptocurrencies»Decentralised finance: The latest front in crypto’s hacking problem

    Decentralised finance: The latest front in crypto’s hacking problem

    Cryptocurrencies By Agency Staff16 August 2021
    Facebook Twitter LinkedIn WhatsApp Telegram Email

    For most of the 13-year life of cryptocurrencies, exchanges were the epicentre for cyberheists. Now, a bigger hacking risk in the growing sector has exploded into view: peer-to-peer crypto platforms.

    One such site, Poly Network, was at the centre of a US$610-million crypto theft last week, one of the biggest ever. Within days of the heist, the decentralised finance (DeFi) platform said the “white hat” hacker or hackers had returned nearly all the loot.

    The unusual ending to the Poly Network saga belies fast-emerging risks in this growing corner of crypto, where an estimated $80-billion or more is held, interviews with industry executives, lawyers and analysts show.

    DeFi sites allow users to lend, borrow and save – usually in cryptocurrencies – while bypassing the traditional gatekeepers of finance

    DeFi sites allow users to lend, borrow and save — usually in cryptocurrencies — while bypassing the traditional gatekeepers of finance such as banks and exchanges. Backers say the technology offers cheaper and more efficient access to financial services.

    But the heist at Poly Network — previously a little-known site — has underscored the vulnerability of DeFi sites to crime. Would-be robbers are often able to exploit bugs in the open-source code used by sites. And with regulation still patchy, there is usually little or no recourse for victims.

    Middlemen

    Centralised exchanges, which act as middlemen between buyers and sellers of crypto, had previously been the main targets of crypto cyberheists. Tokyo-based exchange Mt Gox, for instance, collapsed in 2014 after it lost half a billion dollars in hacks. Coincheck, also based in Tokyo, was hit by a $530-million heist in 2018.

    Many major exchanges, under the regulatory spotlight and striving to attract mainstream investors, have since bolstered security and heists on such scale are now relatively rare.

    An onus on security at major platforms such as Coinbase Global has pushed less-secure venues to the sidelines, said Ross Middleton, chief financial officer at DeFi platform DeversiFi.

    “What’s happened is the big exchanges have got really good (on security) and the smaller exchanges aren’t around anymore,” he said. “The frontier is definitely DeFi now.”

    Losses from crime at DeFi platforms are at an all-time high, crypto intelligence firm CipherTrace said last week, with thieves, hackers and fraudsters making off with $474-million from January to July. The spike came as funds poured into DeFi, mirroring flows into crypto as a whole. According to DeFi Pulse the total value held at such sites is now more than $80-billion, compared to just $6-billion a year earlier.

    DeFi specialists say security risks tend to lie at newer sites which may run on less secure code. “There is a widening security and risk gap between old, battle-tested DeFi protocols, and new, untested DeFi protocols,” said Rune Christensen, former head of the body behind high-profile DeFi application, Maker.

    For some analysts, greater regulation in inevitable, with little sign that DeFi sites can do the job themselves

    Proponents says the use of open-source code means vulnerabilities can be quickly identified and solved by users, reducing the risk of crime. DeFi can police itself, they say. Yet for financial watchdogs and governments across the world looking at regulating the crypto sector, DeFi is increasingly in focus.

    US Securities and Exchange Commission (SEC) chairman Gary Gensler has signalled he would take a tough stance on DeFi. Such platforms may be captured by US securities laws, he said in a speech this month, calling on the US congress to draft legislation to rein in DeFi and crypto trading.

    ‘Hobbesian marketplace’

    Officials at the US Commodity Futures Trading Commission have also signalled greater scrutiny. Commissioner Dan Berkovitz in June called DeFi a “Hobbesian marketplace” — a reference to a 17th century philosopher who saw life without government as “nasty, brutish and short”. Unlicensed DeFi platforms for derivatives were violating commodities trading laws, he suggested.

    Elsewhere, moves are slower. DeFi is still far from the political agenda in Britain, for instance. A spokesman for Britain’s financial watchdog said that while some DeFi activities may fall under its scope, much of the sector is unregulated.

    For some analysts, greater regulation in inevitable, with little sign that DeFi sites can do the job themselves. “The unfortunate situation is that (Poly Network) was seen as just an average Tuesday in the DeFi world,” said Tim Swanson of blockchain firm Clearmatics. “The industry likes to congratulate itself by claiming it resides on transparent systems, but it has repeatedly shown it is incapable of policing itself.”  — Reported by Tom Wilson, with additional reporting by Michelle Price and Gertrude Chavez-Dreyfuss, (c) 2021 Reuters

    Now read: How hackers stole $613-million in great DeFi heist

    CipherTrace Dan Berkovitz DeFi DeversiFi Poly Network SEC top
    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email
    Previous ArticleNo, Eskom is not hiring
    Next Article Cardano’s ADA is now the world’s third largest cryptocurrency

    Related Posts

    Unlawful Eskom strike costing South Africa three stages of load shedding

    1 July 2022

    Google.co.za is down and the domain is pending deletion

    1 July 2022

    US files charges over South African bitcoin fraud scheme

    1 July 2022
    Add A Comment

    Comments are closed.

    Promoted

    Billetterie simplifies interactions between law firms and clients

    30 June 2022

    Think herding cats is tricky? Try herding a cloud

    29 June 2022

    How your business can help hybrid workers effectively

    28 June 2022
    Opinion

    Has South Africa’s advertising industry lost its way?

    21 June 2022

    Rob Lith: What Icasa’s spectrum auction means for SA companies

    13 June 2022

    A proposed solution to crypto’s stablecoin problem

    19 May 2022

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    © 2009 - 2022 NewsCentral Media

    Type above and press Enter to search. Press Esc to cancel.