Over $ 10 billion lost to DeFi fraud and theft in 2021


An illustration showing physical bitcoins next to binary code displayed on a laptop.

Jakub Porzycki | NurPhoto via Getty Images

LONDON – Investors have lost billions of dollars this year to criminals targeting so-called “decentralized financial platforms”.

More than $ 10 billion in user funds have been stolen in cases of fraud and theft of DeFi products that aim to replicate traditional financial services using blockchain technology, according to a report by London-based Elliptic.

DeFi has often been referred to as the “Wild West” of cryptocurrencies. Such services often promise huge returns to users, but lack any involvement from middlemen such as banks. High-yield savings and loan products are ubiquitous in the industry.

But as you’d expect with a young industry like crypto, DeFi platforms aren’t regulated. This is something regulators have been trying to get to grips with lately amid a spate of major hacks and scams.

The total losses caused by DeFi exploits totaled $ 12 billion so far in 2021, according to Elliptic, a company that tracks money movements in the digital ledgers that underpin cryptocurrencies.

Fraud and theft made up $ 10.5 billion of that total – a seven-fold increase from last year.

“The DeFi ecosystem is an incredibly exciting and fast-moving space where financial services innovations happen at the speed of light,” said Tom Robinson, senior scientist at Elliptic.

“This attracts large amounts of capital for projects that are not always robust or well-tested. Criminal actors have seen an opportunity to take advantage of this.”

Over the past two years, the total amount of funds deposited with DeFi services has grown from just $ 500 million to $ 247 billion.

This is because the price of Bitcoin and other cryptocurrencies has increased this year. Ethereum, the network behind the second largest digital coin in the world, is considered the backbone of many DeFi applications.

But as the size of the market has grown, so has the level of illegal activity. Earlier this year, the DeFi platform Poly Network lost more than $ 600 million in what was then the largest cryptocurrency theft of all time.

In a bizarre turn of events, all of the money was later recovered by the hackers who claimed they took advantage of Poly Network to reveal flaws in its system.

There have also been a number of so-called “rug pulls” where scammers convince investors to buy their token and then withdraw with the money after collecting a certain amount.


Regulators are increasingly concerned about DeFi’s rapid rise.

The Securities and Exchange Commission is looking at Uniswap Labs, the start-up behind a decentralized crypto exchange of the same name, for information on how investors use the platform and how it is being marketed.

A spokesman for Uniswap Labs said the company has an obligation to comply with the law and assist regulators with their inquiries.

The problem, say experts, is that DeFi services often market themselves as decentralized when this is not always the case.

The Financial Action Task Force, a global anti-money laundering watchdog, recently released revised guidelines on cryptocurrencies calling on countries to identify individuals with “control or sufficient influence” over DeFi programs.