DeFi coin off cliff
Illustration: Christopher T. Fong/Protocol

DeFi hacks are surging and the industry needs to step up

Protocol Fintech

Good morning, and welcome to Protocol Fintech. This Monday: DeFi hacks everywhere, El Salvador buys more bitcoin, and Coinbase faces a stablecoin lawsuit.

Off the chain

I’m going to hand the mic over to Haun Ventures’ Sam Rosenblum, who summed up crypto’s wild ride with this (now-deleted) tweet late Friday: “In the last ~year $COIN has been both $420 and $69. Nice.” And a smiling-tear emoji. We’re all feeling the smiling-tear emoji right now.

— Owen Thomas (email | twitter)

Can DeFi hack it?

Until recently, DeFi seemed like it was on an exponential trajectory upwards. With the collective value of crypto peaking near $3 trillion, hackers saw a big opportunity. The only thing that may slow them down is the precipitous drop in the value of the tokens they’re going after.

DeFi hacks have been getting worse and worse, with no clear solutions in sight. According to a recent report by blockchain security firm PeckShield, the amount of money netted from DeFi hacks in the first four months of 2022, $1.57 billion, has already surpassed the amount netted in all of 2021, $1.55 billion.

  • The biggest contributors to the worst quarter the industry has seen — or the best, if you’re a criminal — were Axie Infinity’s Ronin bridge exploit ($650 million), the Wormhole network exploit ($320 million) and the Beanstalk Farms governance attack ($180 million).
  • A thread connects all three: The biggest hacks of 2022 were carried out by attackers spotting vulnerabilities in smart contracts and protocols, especially in cross-chain bridges and flash loan protocols.

The rising tide of digital theft threatens to undermine confidence in cryptocurrency broadly. And it could bring down regulators’ wrath on a still-nascent industry.

  • Erin Plante, senior director of Investigations at Chainalysis, told Protocol that because blockchain code is typically public, hackers can view it easily to spot vulnerabilities and manipulate the protocol to exploit it.
  • Code exploits and flash-loan attacks dominated 2022’s attacks, raising the stakes from the smaller-scale social engineering attacks that characterized DeFi hacks in 2021. Cross-chain bridges have become a target for attackers mainly because of an increased surface area that allows for more attack vectors than typically exist on a single blockchain.

There’s another alarming statistic for regulators. 2022 has also been the biggest year for North Korean-affiliated hacking groups so far, according to a Chainalysis report.

  • Last month, the U.S. Treasury linked the Ronin bridge hack to North Korea’s Lazarus hacking group, listing its wallet address in the Specially Designated Nationals List and sanctioning the funds.
  • This is especially worrying given a recent United Nations report that found crypto laundered by North Korean hackers was used to fund nuclear and missile programs, making the issue a matter of international security.

Plante said there is “a need for the community to come together and support each other and protect each other and attempt to ward off these attackers,” leveraging Web3’s community ethos. It will take collective effort to secure the blockchain — and if the industry doesn’t provide it, Washington might just step in.

— Lindsey Choo (email | twitter)

A version of this story originally appeared on Read it here.


We're doing for value what the internet did for information: enabling its instant and seamless flow around the world. Using the power of blockchain and cryptocurrency, we help financial institutions and businesses unlock economic opportunity, gain business advantage and drive innovation. Learn more about a U.S.-based crypto innovator.

Learn more

On the money

The U.S. Treasury announced a strategy to combat illicit finance. One of the top four agency priorities is to “enable the benefits of technological innovation while mitigating risks, staying ahead of new avenues for abuse presented by virtual assets and other new financial products, services, and activities.”

South Korea is planning to implement digital asset regulation by 2024. The administration of a new crypto-friendly president, Yoon Suk-yeol, is planning on enacting the Digital Assets Basic Act next year, with plans to implement it by 2024, according to a document obtained by the Kukmin Ilbo newspaper.

El Salvador is going full steam ahead on bitcoin, despite the crypto crash. President Nayib Bukele proudly tweeted that El Salvador bought as prices fell, saying that they managed to purchase “500 coins at an average USD price of ~$30,744.” Bitcoin has already fallen back below that mark.

Emirates Airlines plans to accept bitcoin as a payment method. In another move by the Middle East toward crypto, the Dubai-based airline announced that it plans to start accepting bitcoin and hire new staff for metaverse and NFT projects.

Thoma Bravo acquired Bottomline Technologies. The investment firm finalized its acquisition of the payment software company in a $2.6 billion cash deal. Bottomline also appointed Craig Saks, formerly its president, as CEO, replacing Rob Eberle.

Coinbase has another stablecoin problem

On Nov. 17, the price of gyen, a crypto stablecoin, briefly spiked to $0.0234. The next day, the price fell back down to about $0.0087, approximately the worth of one Japanese yen — the fiat currency the stablecoin was supposed to be pegged to. Then, on Nov. 19, Coinbase froze trading, citing a “technical glitch.”

Some Coinbase users are still up in arms six months later, saying the marketplace misled them about the coin’s stability by listing it on the exchange. A group of California investors filed a lawsuit Thursday against Coinbase and gyen issuer GMO-Z Trust, saying they cost the plaintiffs “untold millions,” and are seeking to have it certified as a class action.

“In the one year since it was first issued, gyen has been anything but stable,” the complaint reads. “Coinbase holds itself out as a centralized marketplace for cryptocurrency traders, but is essentially an unregistered broker-dealer of unregulated financial instruments.”

Read the full story on

— Veronica Irwin (email | twitter)

Coming up

The AIM Summit starts today. The two-day conference in London will feature speakers from Pantera Capital, Coinbase, BlockFi, Gemini and others.

The FinovateSpring conference is Wednesday. The three-day conference will be held in San Francisco, featuring speakers from J.P. Morgan, Goldman Sachs, Meta, Google and others.

Lightspeed’s earnings call is set for Thursday. LSPD’s average estimated EPS is at -$0.25, with losses increasing by 14% from the prior quarter.

The Fintech World Forum 2022 will start next Monday. The two-day conference will be held in London, featuring speakers from SWIFT, IBM, Google and others.


Our payments solution uses cryptocurrency to enable partners to send money faster, and at lower cost, 24/7/365, while our crypto liquidity solution helps businesses of all sizes efficiently source cryptocurrencies from global markets to engage new customers. See how we're enabling U.S. businesses to drive innovation.

Learn more

Thanks for reading — see you tomorrow!

Recent Issues