Curve Finance founder Michael Egorov revealed that coordinated "for-hire" hackers are increasingly targeting DeFi projects across platforms, exemplified by a recent DNS attack on Curve's website. Despite strong security measures, the attack succeeded due to a registrar transferring domain ownership ...
Coordinated cyber attacks by "for-hire" hackers are increasingly targeting decentralized finance (DeFi) projects, as evidenced by the recent DNS attack on Curve Finance. This breach highlights the vulnerability of crypto projects, even with strong security measures in place such as robust passwords and two-factor authentication. The attack on Curve Finance involved unauthorized domain ownership transfer by their registrar, demonstrating the need for heightened security protocols in the crypto space.
Crypto security faces unique challenges compared to traditional banking, as transactions in the crypto world are irreversible. This means that once funds are stolen, there is no way to recover them. Current internet infrastructure is struggling to keep up with the rapidly evolving threats in the crypto space, leaving projects exposed to potential breaches.
In May, code vulnerabilities were identified as the leading cause of crypto attacks, resulting in over $229 million in losses. This includes a significant exploit on the Cetus Protocol, where $225 million was stolen through oracle manipulation. Overall, crypto breaches in May amounted to approximately $302 million, although there was a slight decrease from the previous month.
Michael Egorov, the founder of Curve Finance, revealed that coordinated attacks by "for-hire" hackers are becoming more prevalent in the DeFi ecosystem. These attacks are often meticulously planned and executed, sometimes involving bribery to gain access to sensitive information. Egorov emphasized the need for enhanced security measures in crypto projects, given the irreversible nature of transactions in the space.
Security firm CertiK's report for May highlighted the prevalence of code vulnerabilities in crypto attacks, contributing to the majority of funds lost. The attack on Cetus Protocol showcased how attackers can manipulate smart contracts and drain liquidity through oracle manipulation. Despite the challenges faced by the crypto sector, there was a slight decrease in losses in May, indicating some progress in mitigating risks.
In conclusion, the crypto space continues to face security challenges, with hackers targeting projects across platforms. The industry must prioritize security measures to protect against potential breaches and safeguard user funds. As the landscape evolves, collaboration between security experts and project teams will be crucial in enhancing the overall security posture of the crypto ecosystem.