The Intelligent Insurer #47 — Investors left vulnerable as security risks increase
2021 has been a significant year for the cryptocurrency industry. DeFi projects received more funding this year than ever before. The prices of Bitcoin and other major cryptocurrencies exploded in 2021, discovering new highs and setting up the industry for higher expectations.
However, hackers and malicious actors also left a significant dent in the industry, with the rate of digital asset theft reaching new levels. In the latest Intelligent Insurer, we examine the extent of these hacks and exploits. We highlight a fews representative examples and explore how users can protect themselves against such events. Firstly, we’ll highlight the progress we’ve made this week via our software development update.
Insured Finance software development update
As the year draws to a close, we are extremely pleased to report that our next-generation digital asset insurance platform remains on track. Our commitment to provide our users with a secure and intuitive experience remains firm. Here are a few highlights of the progress we made this week.
- Our new landing page is developed and is currently going through our rigorous approval process. Once approved, users will experience smoother functionality and a secure browsing environment.
- We continued assimilating feedback from prior user tests and have begun implementing the necessary changes
- We accelerated our efforts to create documentation that assists our auditors
The holiday season witnessed our team taking a step back to refresh themselves and to prioritize bigger picture goals. We’re looking forward to returning refreshed in the new year and pushing our platform to new heights in 2022.
Crypto industry theft and hacks surge 80% in 2021
In 2021, the rate of cryptocurrency hacks and scams rose by 80% compared to the previous year with $12 billion of investor funds lost. These activities were concentrated on the emerging DeFi ecosystem, which has received attention from investors following the rise of mainstream cryptocurrencies.
Rug pulls account for about 40% of the losses crypto users experienced in 2021. The rug pull is a popular method since it lures investors into a false sense of security, with hackers posing as project developers. The typical rug pull begins with a hyped project or a project that takes advantage of existing trends in the DeFi industry. Once enough investors are lured to the project, the developers abandon it without warning and withdraw user funds via anonymizing tools.
The SnowdogDao project offered an example of this exploit. This project announced a fancy “eight-day game theory experiment” that had the veneer of development. It ultimately led to investors losing $30 million, as the project team allegedly misappropriated funds following a buyback announcement.
The development team absolved themselves of any blame in this incident, and users were left holding the bag. The project spiralled downwards, and investors never received any compensation following the theft. While allegations of a rugpull still surround the project, the project team have not faced any negative consequences.
Exchange hacks and code exploits also accounted for significant losses in the cryptocurrency industry in 2021. On several occasions, hackers took advantage of security limitations and weaknesses in code to steal digital assets from cryptocurrency exchanges.
The largest ever single heist on a cryptocurrency platform happened in 2021. The attack on PolyNetwork on August 10th, 2021 led to the loss of over $600 million. However, the project team was fortunate since the hack was executed by a white hat hacker who later returned all the stolen funds to the network.
Following that heist, the project team vowed to fix any vulnerabilities in their code and expanded their bug bounty program. Bug bounties have proved to be an invaluable tool to DeFi projects in patching security issues. However, not every project was as fortunate as PolyNetwork.
BitMart exchange suffered a $200 million loss after a hacker accessed a private key and compromised the exchange’s security system. The hacker used the Ethereum-based mixing service Tornado Cash to withdraw the stolen funds and make them untraceable, leaving users with little hope of recovery.
While compensation plans and investigations were announced, investors typically have little recourse in such situations. All of this has led to discussions about investor protection and better security protocols.
Digital assets face unknown risks
Fund security has become an important issue with every DeFi project. Investors must conduct thorough research into a project by conducting code audits, reading whitepapers, and assessing members of the project team. Token economics and the project’s viability are also important. These methods help investors protect themselves from classic crypto theft methods.
However, 2021 has shown that even these methods are not infallible. Most investors are not technically-minded and can miss vulnerabilities. Second, as in the case of the BitMart hack, developer mistakes can compromise well-meaning projects, leaving investors at the mercy of the project’s developers’ choices. Clearly, additional protection is needed.
This is because even after investigations, projects are not immune to future hacks. Therefore, as the industry works towards better ways to secure invested funds, users must seek protection against unforeseen circumstances. Digital insurance solutions like Insured Finance offer guaranteed safety against rugpulls, exchange hacks, stablecoin failures, and other kinds of risks that are prevalent in the cryptocurrency industry.
DeFi is here to stay but as the industry goes through growing pains, investors must account for unforeseen security risks. Digital asset insurance is a novel solution that will suit every investor, irrespective of their technical nous.
About Insured Finance
Insured Finance is a decentralized, peer-to-peer insurance marketplace. Users can request customized insurance on a wide variety of digital assets, thereby ensuring full protection. Those fulfilling requests can earn premiums and earn a competitive return on their capital. Claims are fully collateralized and settled instantly.