On August 13, a hacker stole $611 million from Poly Network, a platform that allows users to swap tokens across multiple blockchains. This breach is the largest DeFi attack to date, the scale of which is comparable to the likes of the Coincheck heist and the Mt Gox hack – two of the biggest crypto hacks in recent history.
$273 million in ETH, $253 million in BSC tokens, and $85 million in USDC on the Polygon blockchain were stolen. According to Poly Network, the attacker exploited “a vulnerability between contract calls” to perpetrate the breach.
The Poly Network team identified three addresses from which the assets were taken across the Binance Smart Chain, Ethereum, and Polygon blockchains. Each chain was struck consecutively as the attacker exploited a vulnerability between contract calls.
The increasing adoption and the massive opportunity presented by DeFi comes with the increased risk of breaches like this one. The frequency and magnitude of such attacks will potentially continue to rise if security measures are not in place.
In examining Poly Network’s breach, here are our recommendations on how to mitigate the risks of a similar incident.
Create defined DeFi policies for swift enforcement
As DeFi continues to grow, companies looking to deploy significant capital should create a policy system around DeFi protocols, exchanges and apps for users.
By creating specific policies and permissions for traders who execute on DeFi trading strategies, you can swiftly limit access and the movement of funds to prevent accidental or malicious transactions.
This allows companies to scale and remain agile without compromising on security or compliance; in the event of a breach, access to compromised wallets or protocols can be quickly shut off without disruption to your team.
Automate AML/KYT screening
It’s important to integrate automated AML/KYT screening into your trading workflow. This enables your team to quickly identify and remove suspicious transactions from your liquidity pool.
In the case of the Poly Network breach, the hackers wallet addresses were quickly identified and propagated throughout the crypto community and media. Manually screening for deposit addresses would have been a nightmare, but with an automated KYT system it would be a matter of seconds before your team can resume normal operations.
Automated AML/KYT also mitigates the risks of your traders inadvertently transferring funds to and from blacklisted wallets. This is especially crucial for retail-facing platforms that handle thousands of wallets and transactions daily.
To help our customers automate AML/KYT, Fireblocks has integrated with industry-leading AML/KYT providers Chainalysis and Elliptic.
Improving DeFi security and compliance
Luckily, in the case of Poly Network, multiple parties in the crypto community rallied together to track and lockdown wallet addresses linked to the malicious actor. By Wednesday afternoon, Poly Network reported that $260 million, mostly in BSC, had been returned.
Despite malicious activity and hacking attempts, the DeFi market continues to grow. As of August 2021, the total value locked in DeFi smart contracts was over $80 billion.
As the DeFi space continues to mature and evolve, the right security measures will significantly mitigate your risks and enable you to continue interacting and reaping the rewards of DeFi.
Read this blog post to learn how your organization can securely access DeFi.