Report: $2.2 billion in cryptocurrency stolen from DeFi platforms in 2021

A new Chainalysis report found that the amount of cryptocurrency stolen from DeFi platforms grew 1,330% in 2021.
Written by Jonathan Greig, Contributor

Blockchain data platform Chainalysis has released a new report on cryptocurrency crime trends, finding that $14 billion in cryptocurrency was sent to illicit addresses in 2021, nearly double the figure seen in 2020. 

Chainalysis data shows that about $2.2 billion was outright stolen from DeFi protocols in 2021. As of 2022, Chainalysis estimated that illicit addresses currently hold at least $10 billion worth of cryptocurrency, with most held by wallets implicated in cryptocurrency theft, darknet markets and scams.

Digging deeper into the figures, Chainalysis researchers found that cybercriminals brought in 82% more in revenue from scamming last year, raking in $7.8 billion in cryptocurrency from victims. Within that $7.8 billion, Chainalysis discovered $2.8 billion that came from a scam they call "rug pulls." In these scams, developers create seemingly legitimate cryptocurrency projects before stealing investor money and disappearing. 

The $2.8 billion doesn't even take into account the user losses associated with the plummeting value of fake DeFi tokens and only counts the investor funding that was taken. Almost all of the $2.8 billion stolen in 2021 came from Thodex, a fraudulent centralized exchange that tanked when the CEO stopped users from withdrawing funds and disappeared. Chainalysis tracked several other DeFi projects that ended up being rug pulls. 

"We believe rug pulls are common in DeFi for two related reasons. One is the hype around the space. DeFi transaction volume grew 912% in 2021, and the incredible returns on decentralized tokens like Shiba Inu have many excited to speculate on DeFi tokens," Chainalysis said. 

"At the same time, it's very easy for those with the right technical skills to create new DeFi tokens and get them listed on exchanges, even without a code audit. Many investors could likely have avoided losing funds to rug pulls if they'd stuck to DeFi projects that have undergone a code audit – or if DEXes required code audits before listing tokens."  

Another big chunk of illicit cryptocurrency activity came from outright theft, which grew 516% in 2021 compared to the previous year. 

Chainalysis found that about $2.2 billion of the $3.2 billion worth of cryptocurrency stolen in 2021 came from DeFi protocols. The startling numbers far exceed the figures seen in 2020, when about $162 million in cryptocurrency was taken from DeFi platforms. That represents a 1,330% year over year increase for 2021. 

Chainalysis said many of the headline-grabbing attacks on DeFi exchanges over the last year "can be traced back to errors in the smart contract code governing those protocols, which hackers exploit to steal funds." 

"We've also seen significant growth in the usage of DeFi protocols for laundering illicit funds, a practice we saw scattered examples of in 2020 and that became more prevalent in 2021. DeFi protocols saw the most growth by far in usage for money laundering at 1,964%," Chainalysis explained. 

"In the longer term, the industry may also need to take more drastic steps to prevent tokens associated with potentially fraudulent or unsafe projects from being listed on major exchanges."

The attack on DeFi protocol Grim Finance at the end of December capped a whirlwind year for DeFi hacks. A week before the attack on Grim Finance, more than $77 million was stolen from AscendEX. Days before that, blockchain gaming company Vulcan Forged said around $140 million had been stolen from their users.

Crypto trading platform BitMart suffered from a devastating attack that caused about $200 million in losses.

In November, cybercriminals stole about $120 million from DeFi platform Badger. Other attacks in 2021 include thefts of more than $600 million from Poly in August and $34 million from Cream Finance in September. In May, about $200 million was stolen from the PancakeBunny platform. 

Other attacks have involved platforms like Liquid, EasyFi, bZx, and many others. 

Chainalysis noted that cryptocurrency transactions involving illicit addresses represented just 0.15% of all cryptocurrency transaction volume in 2021, but the company added that the $14 billion figure is likely to increase as they find more addresses tied to criminal activity. The 2020 figures grew from 0.34% to 0.62% of all cryptocurrency transactions after Chainalysis continued to dig. 

"Cryptocurrency usage is growing faster than ever before. Across all cryptocurrencies tracked by Chainalysis, total transaction volume grew to $15.8 trillion in 2021, up 567% from 2020's totals. Given that roaring adoption, it's no surprise that more cybercriminals are using cryptocurrency. But the fact that the increase was just 79% -- nearly an order of magnitude lower than overall adoption -- might be the biggest surprise of all," the report said, explaining that "illicit activity's share of cryptocurrency transaction volume has never been lower."

The report adds that law enforcement has been able to increase its foothold in the cryptocurrency world in recent months. Chainalysis, which works with a number of law enforcement and government agencies, noted that the IRS Criminal Investigations announced that it seized over $3.5 billion worth of cryptocurrency in 2021 -- all from non-tax investigations.

Editorial standards