I would just start off from where I left in my recent piece about Global authorities taking down the most dangerous malware. As I mentioned there, nefarious players have a habit of resurfacing in clever and unexpected ways. And the Cryptocurrency Crime & Anti-Money Laundering Report by CipherTrace highlights the fact. According to the data presented in the report — while cryptocurrency theft, hacks, and fraud fell 57% last year, owing to boosted security systems, crime in the ‘Decentralized Finance’ (Defi) space took off.
Although encouraging to see a significant drop in the Blockchain/Crypto fraud schemes, it still remains the most dominant form of fraud in this space. Centralized business offering crypto services have been able to effectively curb the fraudsters owing to stronger security measures put in place. Having said that hackers have now made their way to the booming Decentralized Finance (DeFi) business.
According to the report, one trend that stood out was the massive exit scams that dominated cryptocurrency crimes in the last two years. In 2019, the Ponzi scheme PlusToken pocketed $2.9 billion with its exit scam — 64% of the year’s major crime volume. 2020 saw WoToken, a similar scam operated by some of the same people as PlusToken, which ended by defrauding investors out of $1.1 billion in its exit scam — 58% of 2020’s major crime volume. While major fraud volume saw a significant decrease, it still made up 73% of 2020’s crime total.
Let’s look at some of the key findings of this report:
?? Crypto crime in 2020 was down 57% — dropping from $4.5 billion in 2019 to $1.9 billion (left chart, above).
?? Despite 2019 and 2020 seeing a similar number of thefts, hacks & fraud, the average value taken by criminal actors in 2019 was 160% higher than in 2020 — pointing to a strengthening of systems against such threats in the latter year. An example of this is the $281 million hack of cryptocurrency exchange KuCoin, which the exchange claims to have recovered 84% of the stolen funds.
?? DeFi has emerged as the new threat vector in the Cryptoverse. Fraudsters & Money launderers made away with $129 million in DeFi-related hacks. This amounted to half of all thefts in 2020. Although this was just 25% of all the thefts recorded in 2020, it is a significant increase considering there were almost no DeFi thefts in 2019 (right chart, above).
?? Fraud is the dominant cryptocurrency crime, followed by theft and ransomware.
?? US exchanges sent $41.2 million worth of BTC directly to criminals in 2020.
?? 84% of the bitcoin moved in exchange-to-exchange transactions was moved cross-border. And a third of this cross-border BTC volume is sent to exchanges with demonstrably weak KYC (Know Your Customer).
?? The US is the world leader in receiving BTC — 19.3% of BTC sent to exchanges globally is received by US-based Virtual Asset Service Providers (VASPs|). 10% of all BTC payments were sent to US-based VASPs.
?? BTC volume sent to high-risk exchanges was at an all-time low in 2020, posting a decline of 59% drop from 2019.
?? There were some 18 notable DeFi hacks in 2020, which included one of the largest decentralized exchanges in the world — Uniswap.
“Thefts from hacks against centralized exchanges continue to decrease as these financial institutions mature and adopt stronger security measures. Regulation and enforcement are restricting centralized fraud schemes, which are pushing criminals to exploit decentralized finance services.”
~ Dave Jevans, CEO CipherTrace
It is pretty evident from the report the DeFi has become the prime target for thefts by nefarious players. Permissionless by design and probably the most enticing feature of these DeFi protocols, the same has become a safe haven for money launderers & hackers — since they often lack regulatory oversight, and anyone in any country can access them with little or no KYC required. The strict regulatory regimen and tighter controls on the traditional VASPs have caused the criminals to cross the bridge over to DeFi platforms.
Cryptocurrencies that offer decentralization and some form of anonymity have always been under the radar by regulators for supporting illicit transactions — although they made up less than 0.5% of Bitcoin’s yearly volume in 2020. Although stricter regulations like FATF’s travel rule have been imposed on VASPs, criminals are now beginning to set their sights on greener decentralized finance services over their centralized counterparts.
It would be interesting to see how regulators approach the idea of putting checks & balances on DeFi platforms. They are especially looking at the unaudited smart contracts upon which many DeFi projects rely, and often have vulnerabilities that bad actors can exploit. As the total value locked (TVL) in DeFi assets reaches $30 billion, stricter compliance requirements might be on the way.
Originally Published on Medium
Medium ??| Twitter ?? | LinkedIn ??| StockTwits ?? | Telegram ??
