ImmuneFi report $10B in DeFi hacks and losses across 2021
Decentralized finance, or DeFi, security platform and bug bounty service ImmuneFi published an official report on Thursday, which calculated the total volume of losses in the cryptocurrency markets in 2021. According to its report, the company found that losses resulting from hacks, scams and other malicious activities exceeded $10.2 billion dollars over the past year.
Responsible for protecting over $100 billion worth of assets for a number of well-established DeFi protocols, including Synthetix, Chainlink, SushiSwap and PancakeSwap, among others, ImmuneFi has regularly facilitated seven-figure pay-outs to whitehat hackers and other good-willed entities for preventing protocol compromises.
According to the report, across 2021, there were 120 instances of crypto exploits or fraudulent rug-pulls, the highest-valued hack being Poly Network at $613 million, followed by Venus and BitMart with $200 million and $150 million, respectively.
Other notable entries to the list were Alpha Finance and Cream Finance, who were both hacked for $37.5 million, Yearn.finance’s $11 million, Furucombo’s $14 million evil contract exploit, as well as the infamous Alchemix reverse rug in which the platform’s users claimed a welcome fortune due of $6.5 million after a withdrawal issue arose with one of the platform’s smart contracts synthetic assets, alETH.
The year 2021 saw a stark rise in both the frequency and volume of security breaches in comparison to the previous year, which recorded 123 incidences totaling $4.38 billion, a 137% increase.
We’ve just released our report for 2021 on crypto losses stemming from hacks and scams.
In total, the DeFi ecosystem saw a loss of $10,210,188,549
— Immunefi (@immunefi) January 7, 2022
In conversation with Cointelegraph, CEO and founder of Immunefi, Mitchell Amador, spoke of his optimism for the future of on-chain security, despite what he described as a “year of dramatic losses” for the industry.
“Despite the appearance of entirely new vulnerabilities in the onchain economy, the community is adapting rapidly. At Immunefi alone, we saved double the amount lost to exploitation this year, and security best practices are circulating throughout the community.”
Amador cited ImmuneFi’s role in facilitating Polygon’s (MATIC) recent $3.47 million pay-out to two whitehat hackers for their instrumental role in averting what was described as a “critical” vulnerability in the network’s proof-of-stake Genesis contract, placing almost all of the MATIC token supply of $10 billion at risk.
In September last year, ImmuneFi organized what was reported at the time as being the largest bounty in the history of DeFi to renowned white hat programmer Alexander Schlindwein for averting a potential $10-million bug crisis in automated market maker, or AMM, protocol Belt Finance.
Schlindwein received a compensation of $1.05 million in total, $1 million of which was granted by Belt Finance with ImmuneFi acting as the middleman, and the remaining $50,000 offered by Binance Smart Chain’s Priority One program.
In October, ImmuneFi announced a $5.5 million capital raise from a number of institutional investors, including Blueprint Forest, Electric Capital, with the intention of expanding its security services across the DeFi industry in a concerted effort to lower the prevalence and financial impact of benevolent security exploits in the space.