DeFi Hacking Has 'Become a Full-Time Job': ImmuneFi Founder

Hacks of decentralized finance (DeFi) protocols have become a “full-time job” for professional attackers, according to the founder of blockchain security firm ImmuneFi.

Speaking to Decrypt at Web Summit 2024, ImmuneFi founder Mitchell Amador said that DeFi hacking has become “an infinitely sustainable and viable business”—though the crypto space is “unquestionably” getting safer.

DeFi hackers, he said, are “looking for more damage, more than ever—and their skills are also applicable in a number of different areas.” He explained that, “even if they’re not getting sustainable hacks over the interim, they could be doing MEV, or other ways to monetize their very unique skillset.”

Despite that, Amador told Decrypt, the crypto space is “getting much safer, and at a very quick clip.” He pointed to the results of ImmuneFi’s Q3 2024 report, which found that losses from crypto hacks had dropped by 38% year-over-year, to just under $424 million.

In the year to date, Amador said, crypto losses from hacks have totaled “just over a billion dollars,” versus around $3 billion in 2022, and around $1.8 billion in 2023. “This is despite the increasing value of the industry as a whole, and the increasing value in on-chain assets as well. So on a per capita basis, the risk per dollar of value is going off a cliff.” While hacking incidents are up, he said, “we’re seeing very few of the large cases.”

He highlighted the October 2024 hack of Radiant Capital for $50 million as an example of the increasing sophistication of DeFi hacks, pointing the finger at North Korean hackers. “They went after the private keys by compromising the underlying machines and spoofing transactions in this funky kind of man-in-the-middle attack, which is very exotic.” Hackers are increasingly using social engineering to exploit vulnerabilities in DeFi protocols, he said, adding that “human beings are always the weakest link.”

In order to harden the world’s largest smart contract blockchain against attacks, ImmuneFi is hosting the Ethereum Protocol Attackathon, “the world’s largest code contest,” with a $1.5 million reward pool up for grabs.

“We’ve got hundreds and hundreds of hackers,” Amador said. “They’re all going to be throwing themselves at the Ethereum code base with $1.5 million on the line in order to show that they can find mission critical bugs and disclose them in time.”

“This is a new kind of procedure that the Ethereum Foundation has never done before,” he said, expressing his hope that the contest becomes a regular event, “hardening each and every new major iteration of the blockchain.”

While blockchain security is “the most picks-and-shovels, stable part of the crypto industry,” Amador expects the sector to be “indirect beneficiaries” of the incoming Trump administration and its crypto-friendly positioning.

Trump’s proposed U.S. strategic Bitcoin reserve, Amador said, is “creating pressure” on European ministries to “begin adopting crypto more aggressively and to become much more friendly as a result,” adding that, “I’ve seen this with my own eyes.”

“It does seem like it’s going to be a huge net benefit to the industry in terms of overall industry growth and friendliness,” he said, adding, “This is going to drive security activity in turn.”

For its part, ImmuneFi is planning to expand into “automated technologies,” including a “pretty big AI agent” that will coordinate the crowdsourcing of “proactive security measures,” Amador said.

“We’re taking the next logical step for bug bounties,” he added, “but they’re going to look completely different in two or three years than they do today—and it should be pretty wild.”

Edited by Andrew Hayward
