The FBI has issued a warning about the most common vulnerabilities used by cybercriminals to attack DeFi platforms.

According to a report by analytics firm Chainalysis, between January and March 2022, cybercriminals stole $1.3 billion in cryptocurrencies. Almost 97% of these are stolen from DeFi platforms.

The FBI has identified three common tactics to attack this segment of the crypto market:

• instant credit launch (according to this scheme, an attack was carried out on the bZx DeFi platform in November 2021 with a damage of $ 55 million);
• exploit a vulnerability in cross-chain bridges (hacking the Nomad protocol in early August, more than $90 million was stolen);
• Manipulating the prices of cryptocurrencies by exploiting a number of vulnerabilities, including the use of a single price prediction (Deus Finance exploit in April 2022, $13.4 million stolen).

“Cybercriminals want to capitalize on the increased investor interest in cryptocurrencies, as well as the cross-chain functionality and sophistication of open-source DeFi platforms,” the agency said.

Blockchain security companies state that the most dangerous vulnerabilities are related to the negotiation of smart contracts.

“Smart contract code often cannot be changed to fix security flaws. The Ethereum Foundation said assets stolen from smart contracts cannot be recovered and are extremely difficult to trace.

The FBI recommends that you carefully examine DeFi platforms, protocols, and smart contracts for independent auditing and assess the potential risks of investing in this segment.

Earlier, analysts from Elliptic reported that since 2017, attackers have laundered more than $8 million through NFT markets, which account for 0.02% of total trading turnover.

Over $100 million tokens were stolen from July 2021 to July 2022.

The most popular tool for laundering money from NFT scams was the Tornado Cash cryptocurrency mixer.

Read ForkLog bitcoin news in our Telegram – cryptocurrency news, courses and analysis.