The whole idea of DeFi and smart contracts is about transparency and open-source code as an ideology. Unfortunately, in practice this also often means multi-million dollar projects held together with tape and gum.
“There are some things that make DeFi more susceptible to hacking,” Grauer explains. “The code is open. Anyone can go over it by finding errors. This is a major problem we have seen that does not happen in central exchanges.”
Bug bounty programs, in which companies pay hackers to detect and report security vulnerabilities, are a tool in the industry’s arsenal. There is also a cottage industry of crypto audit companies that will give your project a seal of approval. However, a cursory look at the worst crypto hacks so far shows that an audit is not a silver bullet, and when hacks occur, there is often no liability for the auditor or the projects. Wormhole was audited by security firm Neodyme a few months before the theft.
Many of these hacks are organized. North Korea has long used hackers to steal money to fund a regime that is largely separate from the world’s traditional economy. Cryptocurrency in particular has been a gold mine for Pyongyang. The country’s hackers have stolen billions in recent years.
Most hackers targeting cryptocurrencies do not fund the rogue state, though. Instead, the already strong cybercriminal ecosystem is only taking opportunistic shots at weak targets.
For the emerging cybercrime kingpin, the more difficult challenge is to successfully launder all the stolen money and turn it from code into something useful – cash, for example, or, in the case of North Korea, weapons. This is where law enforcement comes in. Over the past few years, police around the world have been investing heavily in blockchain analysis tools to track and, in some cases, recover stolen funds.
The recent Ronin hack is evidence of this. Two weeks after the theft, a crypto wallet containing stolen currency was added to the US sanctions list because the FBI was able to link the wallet to North Korea. That will make the stolen funds difficult to use – but certainly not impossible. And while new tracing tools have begun to shed light on some of the hacks, law enforcement’s ability to recover and return funds to investors is still limited.
“Laundering is more sophisticated than hacks,” Christopher Janczewski, a former case agent at the IRS who specialized in cryptocurrency cases, told MIT Technology Review.
For now, at least, big risk is part of the crypto game.