

FBI Warns Investors to Take Precautions with Decentralized Financial Platforms

The FBI is warning investors that cyber criminals are increasingly exploiting vulnerabilities in decentralized finance (DeFi) platforms to steal cryptocurrency, causing investors to lose money. Threat actors have been reported to employ a variety of methods in DeFi platform theft attempts, including initiating flash loans that trigger exploits in the platforms’ smart contracts and exploiting signature verification flaws in DeFi platform token bridges to withdraw all investments. Many of the attacks against DeFi services have been attributed to the North Korea-affiliated hacking unit known as the Lazarus Group, with the theft of nearly $1 billion attributed to the nation-state adversary. These attacks will likely continue to rise as they have become extremely profitable. A report from blockchain analysis firm Chainalysis revealed that losses from crypto hacks have jumped 60% in the first seven months of the year. The FBI encourages investors who suspect cyber criminals have stolen their DeFi investments to contact the FBI via the Internet Crime Complaint Center or their local FBI field office.

Analyst Notes

The FBI recommends that investors seek advice from a licensed financial adviser. In addition, the FBI recommends investors take the following precautions:
• Research DeFi platforms, protocols, and smart contracts before investing and be aware of the specific risks involved in DeFi investments.
• Ensure the DeFi investment platform has conducted one or more code audits performed by independent auditors. A code audit typically involves a thorough review and analysis of the platform’s underlying code to identify vulnerabilities or weaknesses in the code that could negatively impact the platform’s performance.
• Be alert to DeFi investment pools with extremely limited timeframes to join and rapid deployment of smart contracts, especially without the recommended code audit.
• Be aware of the potential risk posed by crowdsourced solutions to vulnerability identification and patching. Open-source code repositories allow unfettered access to all individuals, to include those with nefarious intentions.
The FBI recommends DeFi platforms take the following precautions:
• Institute real-time analytics, monitoring, and rigorous testing of code in order to more quickly identify vulnerabilities and respond to indicators of suspicious activity.
• Develop and implement an incident response plan that includes alerting investors when smart contract exploitation, vulnerabilities, or other suspicious activity is detected.