A Number Of Security Breaches Highlight Room For Improvement In Crypto Spaces

March 18, 2021 03:00 PM
Crytpo and Bitcoin Market Cap Story of Day

Crytpo and Bitcoin Market Cap Story of Day


Bitcoin and Altcoin Prices by TradingView


Crypto was rallying this morning with spot volumes just under the 30-day average on the move. Cardano (ADA) continues to see the greatest gains in the Top 10 with Coinbase launching trading on the asset today.

Crypto Story of the Day

On Monday, Binance Smart Chain (BSC) DeFi venue PancakeSwap had its site “compromised by a third party” asking users to enter crypto wallet private keys while over the weekend hackers stole digital art from NFT marketplace Nifty Gateway. The episode highlights the novel security challenges faced by new crypto applications. 

The compromise of PancakeSwap’s site, which is the first hack of a DeFi venue on BSC, resulted in unknown losses for the venue’s users at this point. 

The hack involved perpetrators replacing the PancakeSwap website with an interface that asked users to enter their cryptocurrency wallet keys in order to enter the exchange. Using the private keys, the hackers would then be able to access users’ wallets. 

The same compromise seems to have affected other DeFi venues, while popular wallet provider MetaMask tweeted that these types of hacks “seem to be getting more common.” 

According to a postmortem of the hack published by CREAM finance, 1 of the effected DeFi venues, the hacker seems to have gained access to the site’s GoDaddy account. This breach allowed them to make alterations to the site in order to ask users for their private keys. 

According to a crypto-related crime report from crypto analytics firm Chainalysis, while DeFi represents a small fraction of crypto activity, the sub-sector accounted for 33% of stolen crypto in 2020: that’s USD 170 million out of a total of USD 570 million stolen crypto. 

Monday also saw news break of hackers who stole digital artwork, or NFTs, that were potentially worth hundred-thousands of dollars on the Nifty Gateway marketplace. Hackers also used customers’ credit card information to purchase NFTs, which were then sent to outside addresses. Nifty Gateway later tweeted that the effected accounts seemed to not have 2-factor authentication enabled and that there was no compromise of the platform itself. 

An exact figure of losses stemming from the hack wasn't revealed, though a user claimed to have USD 150,000 worth of NFTs stolen.

Security considerations surrounding the custodying of cryptocurrencies and other digital assets have been a central theme in the space’s growth and adoption. Monday’s episodes highlight how security continues to be a key consideration for new crypto applications, in this instance the emerging NFT space and DeFi on BSC. DeFi, in particular, is highly susceptible to hacking due to the vulnerability of these platforms to the manipulation of outside data that informs the performance of smart contracts. 

We’ve maintained that DeFi’s susceptibility to breaches remains a significant obstacle for its adoption. NFTs, on the other hand, represent a novel security consideration, in that the sector, at the moment, aims to attract a wider user-base than cryptocurrency with marketplaces such as NBA Top Shot attracting users who may be less technically savvy and accustomed to storing digital property. 

With both DeFi and NFTs, the challenge is to create safe, reliable applications capable of achieving mass adoption. We feel that improved security solutions are essential to both sectors attracting new users.

Please sign up for a free trial of FRNT Financial Morning Note.

About the Author

FRNT Financial is a technology and sales layer that offers institutional and accredited investors access to various forms of exposure to crypto-assets. You can subscribe to FRNT Financial Morning Note at https://www.frnt.io/morningnote