To support MIT Technology Review journalism, please consider subscriptions.
DeFi – a concept similar to smart contractors – is all about visibility and open source as an idea. Unfortunately, doing so often means multimillion-dollar disruptive projects made in conjunction with tape and gum.
“There are a number of factors that put DeFi at risk of theft,” explains Grauer. “The code is open. Anyone can go and see the bugs.
Bug bounty programs — which companies pay hackers to obtain and report on security issues — are one of the tools in the company’s tools. There are also small crypto currency trading companies that can come in quickly and give you a legitimate seal. However, a closer look at the worst hacks of all time shows that the investigation has no silverware — and often there is no response from the auditor or the project when hacks have taken place. Wormhole was detained by security company Neodyme several months ago for theft.
Most of these hacks were made. North Korea has been using hackers to steal money to support the world’s poorest government. Cryptocurrency in particular has become a gold mine in Pyongyang. Thieves have robbed billions of dollars in recent years.
Many cryptocurrency fraudsters do not pay money to dictatorships. Instead, the powerful cybercriminal environment already exists is simply shooting at weaker targets.
For a beginner who violates computer laws, the most difficult problem is selling all the stolen money and converting it into something valuable – money, for example, or in North Korea, weapons. This is where the police come in. Over the past few years, police around the world have invested heavily in blockchain tracking devices to track and, in some cases, recover stolen money.
Evidence is a recent hack to Ronin. Two weeks after the devastation, the crypto wallet containing the stolen money was added to the US sanctions list because the FBI was able to connect the wallet to North Korea. This makes it difficult to take advantage of the opportunity – but not impossible. And although new tracking tools have begun to illuminate other hacks, the legal capacity to recover and reimburse investors is still limited.
“Fraud is far more serious than just hacks,” Christopher Janczewski, a former IRS prosecutor who specializes in cryptocurrency cases, told MIT Technology Review.
In the meantime, at least, high risk remains a part of crypto games.