Top 10 DeFi Hacks That Are Useful For Blockchain Apps

Top 10 DeFi Hacks That Are Useful For Blockchain Apps

DeFi News
January 3, 2023 by Diana Ambolis
Blockchain applications are used in decentralized finance (DeFi) to eliminate traditional intermediaries from the financial services ecosystem. While DeFi has brought about significant advancements in accessibility, DeFi attack dangers have been causing worry. How significant are these worries regarding DeFi security? DeFi theft cost $1.5 billion in overall losses in 2021. The losses caused by
Top 10 DeFi Hacks That Are Useful For Blockchain Apps

Blockchain applications are used in decentralized finance (DeFi) to eliminate traditional intermediaries from the financial services ecosystem. While DeFi has brought about significant advancements in accessibility, DeFi attack dangers have been causing worry. How significant are these worries regarding DeFi security? DeFi theft cost $1.5 billion in overall losses in 2021. The losses caused by DeFi hacks in the first few months of 2022 totalled over $1.4 billion. It’s critical to realize that DeFi is not only a fad in technology. In actuality, it represents a fresh interpretation of the financial environment of the future.

The magnitude of user financial losses makes the importance of DeFi security abundantly plain. Therefore, it’s critical to pinpoint the root causes of the most common DeFi hacks and focus on creating mitigation strategies. The success of defences against DeFi hackers determines how widely DeFi will be used. The talk that follows provides an in-depth analysis of the most common DeFi attacks and identifies how hackers use DeFi protocols. You should also consider how important it is to protect DeFi protocols and tokens.

What Justifies Learning About DeFi Hacks?

DeFi began with bitcoins and has since grown to include decentralized exchanges and dApps for staking, lending, borrowing, and other services. Due to the escalating number and size of attacks, decentralized finance has recently come under heavy fire. Users could be reluctant to embrace DeFi protocols due to fears of a DeFi exploit. and 

The total worth of the assets locked in DeFi protocols was $53.73 billion as of September 2022. By this point, the total amount of losses from DeFi hacking had reached almost $2.32 billion. The list of DeFi hacks has caused the DeFi sector 50% more harm than in 2021 due to the enormous quantity of losses.

The steadily decreasing TVL in the DeFi market is another worrying element of DeFi hacks. DappRadar estimates that by November 2022, the TVL in DeFi was down to $41.54 billion. The TVL forecast for 2021 was above $110 million, which indicates a sharp fall. One of the often cited explanations for the decline in TVL mentions the value of stablecoins’ recent decrease.

On the other side, one of the elements contributing to a decline in TVL may be financial losses brought on by flaws in DeFi protocols and tokens. The frequently used DeFi protocols have been the target of some of the most well-known DeFi attacks. The losses brought on by DeFi exploits may result in a broad decline of confidence in DeFi’s viability as a substitute for conventional financial services. The value that is locked in DeFi is most crucially a desirable target for hackers. DeFi hacking must therefore be understood in order to prevent unintended repercussions from DeFi protocol security violations.

How does DeFi get used by hackers?

Understanding how hackers abuse DeFi protocols is crucial before looking at a list of DeFi hacks. What would be the possible reasons behind DeFi’s vulnerabilities?

DeFi’s open-source nature, which exposes the code to everyone, is the main point of vulnerability. While the open-source nature guarantees the benefits of openness, it also provides several opportunities for hackers to abuse the protocols.

DeFi attacks frequently use the notion of composability as their root cause since it leaves DeFi protocols open to outside exploitation. The speed at which DeFi projects are introduced is the second cause of vulnerability. In order to release their protocol before rivals, developers are more inclined to overlook flaws and mistakes.

How are DeFi hacks produced? The analysis of numerous DeFi hacks may reveal some of the potential vulnerabilities in DeFi protocols. Hackers can use these weaknesses to get unauthorized access to the assets of DeFi subscribers.

The following are a few typical techniques for DeFi hacks:

Oracle Trickery

Oracle’s smart contract, which is utilized in DeFi protocols to access outside data, could be manipulated by hackers. Changing token pricing data is one of the frequent oracle manipulation vulnerabilities.

Errors in Smart Contract Logic

One of the significant reasons for a DeFi exploit is that developers rush to release DeFi protocols to the market and fail to fix simple bugs and vulnerabilities. Since the DeFi protocol code would be publicly available, hackers may view the smart contract code and find flaws to exploit.

Attacks via Reentrancy

The use of reentrancy attacks is another typical strategy in DeFi hacks. An untrusted contract is called externally by a smart contract during such attacks without being resolved.

Also, read – Top 10 Best DeFi Security Best Practices

The Most Common DeFi Hacks

One of the major dangers to the community is the existence of DeFi vulnerabilities. In addition to having a direct financial impact, the rising list of DeFi hacks also has an influence on the businesses’ reputation as DeFi providers. The following top hacks in the DeFi landscape should therefore be examined in detail.

The Most Common DeFi Hacks

Ronin Network

The Ethereum-based sidechain of the well-known play-to-earn game Axie Infinity is called Ronin Network. It suffered a hack that cost it more than $625 million in ETH and USDC assets. You can gain a deeper understanding of the hack by comprehending how the Ronin Network functions. Ronin was created to make it easier for Axie Infinity players to enjoy the game without having to deal with the challenging Ethereum network interactions. Players could successfully move their ETH to the Axie Infinity network over the Ronin Bridge.

One of the biggest DeFi hacks involved the Ronin Bridge, which was taken over and the source of fabricated false withdrawals. In two separate transactions, the attacker withdrew money using the stolen private keys. The attacker took over five validators who needed to release money on the Ronin Bridge without authorization. Despite the fact that the exploit occurred on March 23, Axie Infinity did not notify it until over a week later. In one of the largest hacks in DeFi history, the attacker gained access to almost 25.5 million USDC and 173,600 ETH.

Nomad Bridge

The Nomad Bridge hack is next to the list of the most widely used DeFi hacks. Nearly $190 million was stolen by hackers from the cross-chain bridge, which facilitates the exchange of tokens like Ethereum, Moonbeam, Avalanche, and Evmos. It’s interesting to note that the attack on the Nomad Bridge didn’t happen in just one or two transactions. The attack, which reportedly included 1175 hacks, was one of the first ones in which numerous hackers used the same exploit. An upgrade to Nomad’s code was blamed for the attack since it revealed a flaw where one piece was recognized as valid for all transactions.

After the first hacker discovered this weakness, numerous imitators quickly followed. Each attacker duplicated the original hacker’s transaction call information and substituted their own address for it. The hackers then withdrew more assets than they had initially deposited on the website. It’s interesting that the white hat hackers returned almost $30 million in response to the Nomad team’s open public request for the recovery of funds.


With a loss of over $160 million, the Wintermute breach is also one of the noteworthy entries on a DeFi hacks list. In order to generate distinctive addresses and save transaction costs, Wintermute used an address-generating program. These addresses, though, were 32-character vanity wallet addresses. Any hacker may have broken into the process of regenerating the private keys in an address with the correct tools.

The main factor that led to the Wintermute hack suggests that their DeFi vault and hot wallet contract may have included vanity addresses. Hackers could simply gain access to the money in these sources and shift it in any way they pleased. In an effort to stop the attack, Wintermute tried deleting all of the ETH from its hot wallet. They had not, however, changed the admin’s address for their vault. Hackers must have made off with all they found in the hot wallet, even though the specifics of the hack are still in question.

Wormhole Bridge

Another well-known example of a DeFi attack on a bridge is The Wormhole Bridge. Unlike Ronin Bridge, Wormhole Bridge does not function as a game exchange. Instead, it serves as a token bridge that enables users to trade tokens between several blockchains, including Ethereum, Terra, Oasis, Solana, and Avalanche. Users of the bridge must stake their ETH to obtain wrapped ETH with a 1:1 ETH liquidity backing. The network would therefore accept wrapped ETH in the same range as unwrapped ETH. Evidently, hackers made the decision to use liquidity as a weapon to attack the protocol.

With flaws in the “guardian” accounts, the Wormhole Bridge attack provides improved insights into “How do DeFi breaches happen?” The hacker created approximately 120,000 wrapped ETH tokens on Solana without any ETH backing, which was a novel tactic for DeFi breaches. The hacker then stole about 93,750 of the wrapped ETH tokens, transferred them to the Ethereum network, and exchanged them for almost $254 million. The hackers used this cash to buy a variety of tokens, including Finally Usable Crypto Karma and Bored Apes. The Wormhole Bridge attack highlights the inherent issues with crypto bridge security.

Beanstalk Farms

Beanstalk is a stablecoin protocol that uses algorithms rather than a liquidity pool. With a DeFi attack that cost the protocol over $182 million in April, it suffered one of the greatest losses. Simple security flaws in DeFi tokens have the potential to cause enormous losses, as demonstrated by the Beanstalk Farms DeFi hack. The Beanstalk hack was mostly brought on by its own decentralized governance architecture and the availability of flash loans.

Through the flash loan, the hacker was able to siphon cryptocurrency assets from the protocol to various addresses and gain control of the governance mechanism. The Beanstalk Farms hack amplifies the basic weakness in the Beanstalk DAO.


With a loss of almost $113 million, the Elrond attack is also among the biggest DeFi hacks. Hackers took roughly 1.65 million EGLD tokens, the native token of the Elrond blockchain, using a flaw in Maiar, a decentralized exchange. According to reports, the hacker took EGLD from the decentralized exchange using three wallets and a smart contract.

On top of that, the hackers swiftly sold almost 800,000 of the Elrond blockchain’s native tokens for close to $54 million on Maiar. The hackers exchanged some of the tokens for ETH and sold the other ones on centralized markets.


Scream, a DeFi lending platform, is a major addition to the list of DeFi hacking victims. Given the weaknesses in protocol security, the Scream hack on the Fantom blockchain implies one of the most childish exploits. Due to a drop in the peg of stablecoins on the platform, namely DEO and Fantom USD, the platform ended up in debt for roughly $38 million.

The Scream protocol hack is among the most well-known because of the straightforward but unclear attack’s loophole. The Scream protocol fixed the two stablecoins’ values without any adjustment methods. As a result, it was unable to show how much the assets had decreased in value.

As they deposited the DEI and Fantom USD stablecoins, which were losing value, whales took advantage of the loophole to withdraw valuable stablecoins. In place of hardcoded stablecoin price, the Scream protocol incorporated Chainlink oracles for accessing real-time pricing information.

Finance Qubit

On January 28, the Qubit Finance DeFi protocol revealed that a hacker had stolen about 206,809 BNB or Binance tokens. According to the protocol, the QBridge protocol was the main target of the attack, and the total value of the compromised tokens was close to $80 million.

With a large loss, it is also one of the noteworthy entries on a DeFi hacks list. Through the deposit option, the hacker found a weakness in the QBridge contract and generated about 77,162 qXETH, which stands in for the ETH bridged through Qubit.

If you look closely, the hacker repeated the operation numerous times while tricking the platform into thinking they had made a deposit. Finally, the hacker converted the protocol’s assets into BNB tokens before dissipating into thin air.

Horizon Bridge

The Horizon Bridge hack demonstrated that 2022 was not a favourable year for Horizon Bridge Crypto bridges. On June 23, a DeFi breach damaged the Horizon Bridge and caused almost $100 million in losses. In order to provide seamless use between several blockchain networks, including Ethereum, Harmony, and Binance Smart Chain, Horizon provides a cross-chain interoperability platform.

According to the analysis of the DeFi exploit, hackers stole $98 million from the platform under the control of Harmony. More than 50,000 wallets were affected when hackers converted the tokens into ETH. The hackers later used Tornado Cash to withdraw close to $35 million.


Stablecoin protocols appeared on the list of DeFi hacks very frequently, just like crypto bridges. Another stablecoin technology that has fallen prey to DeFi hacks this year is Cashio. With roughly $48 million in losses, the breach caused the protocol’s CASH stablecoin to plummet. With the support of interest-bearing liquidity provider tokens, Cashio makes it possible to mint the CASH stablecoin through deposits.

The hacker created billions of CASH using Cashio’s fundamental features before converting them to UST and USDC. The hacker then used the Saber DEX to withdraw the tokens. This hack caused the CASH stablecoin to disappear after falling to $0.