DeFi and Cryptocurrency have been progressively seizing media attention in 2021 and so are Scams. According to an estimation made by CoinGecko, the DeFi industry has grown by over $100B in 2021. Much to our surprise, cryptocurrency scams have also hit an all-time high in 2021.
In a report published by CipherTrace, we observed that DeFi-related hacks now make up more than 60% of the total hack and theft volume in 2021, a large increase from only 25% in 2020. The USD value locked in DeFi has grown exponentially last year and continues to do so, henceforth inviting potential money laundering risks. This exponential explosion of capital and lack of regulatory specifications have attracted criminal actors to DeFi, ultimately resulting in the most DeFi hacks in a year to date.
As more and more people become involved in newer digital monetary mechanisms, it doesn’t take long to realize that there’s obvious risk associated with these transactions. And we’re not talking about the volatility of the market. Scams are prevalent everywhere online, and DeFi exchanges are no different. It becomes crucial that you be aware of the possibilities of these risks and losing your cryptocurrency investments.
In this blog, we’ll be taking you through the 5 different types of DeFi scams and rug pulls that are the most common in the space and have been behind some of the biggest scams of all times. Let’s begin.
Firstly, What to Know Before Paying With Cryptocurrency?
If you’re planning to start paying with cryptocurrency, understand that it’s different from paying with a regular credit card or other traditional payment methods.
How? Let’s find out.
- Cryptocurrency payments do not come with legal protections.
As we’re all aware credit and debit cards have legal protections if, by any chance, something goes downhill. Cryptocurrencies typically do not.
- Cryptocurrency payments typically are not reversible.
Simply put, once you’ve made the transaction, there’s no going back. Before you buy anything with cryptocurrency, research the seller, where they’re located, and how to contact someone if something does go wrong.
- Some information about your transactions will likely be public.
Blockchain and Crypto are generally considered the most secure and anonymous. The truth, however, is slightly more complicated than that.
Some cryptocurrencies record transaction details on a public ledger, a blockchain. That’s a public list of every cryptocurrency transaction — both the payment and receipt sides. And when you buy something from a seller who holds onto some information about you, like a shipping address, that information can be used to identify you later on.
Once you start using cryptocurrency as a method of payment, these are the things you should be cautious about to be on the safer side of the road.
Onto the different scams!
DeFi Rug Pulls
DeFi rug pulls are the latest type of scam to hit the cryptocurrency markets. They are a more innovative form of exit scam whereby crypto developers abandon a project and run away with investors’ funds by taking away buy support or Decentralised Exchange (DEX) liquidity pool from the market.
Rug pulls typically happen in the DeFi ecosystem. Mostly on DEXs such as Uniswap or Sushiswap, as fraudulent token creators can create and list tokens for free without an audit. Smart contracts that lock in funds for a fixed period of time are the most popular method for programmers to steal funds. When the contract expires or reaches a previously set threshold limit, developers generally use programming functions to steal Bitcoin from it.
The Compounder Finance Rug Pull
2020 Dec saw a group of pseudonymous developers steal $10.8M worth of Wrapped Bitcoin (WBTC), ether, and a bunch of other cryptocurrencies from Compounder Finance.
The project claimed compounded returns to investors for investing their crypto into a time-locked smart contract, a smart contract that would only be executed after a specified period. Although, now the investors allege that developers had built a “back door” into the system and made away with funds before the smart contract expired.
Social Engineering Scams
Social engineering scams are those in which hackers use methods of psychological manipulation and deceit to gain control of vital information relating to user accounts. The power of social engineering triggers sees no bounds and the sad part is it is almost impossible to prevent users from falling for good social engineering – whether it be scams or phishing.
The Twitter Bitcoin Scam
On July 15, 2020, reportedly 130 high-profile Twitter accounts were compromised by outside parties to promote a bitcoin scam. Later on, Twitter confirmed that the attackers gained control of administrative tools and could tweet from those accounts directly.
Big names such as Joe Biden, Elon Musk, Barack Obama, Bill Gates, and many others lost control of their Twitter accounts, and false tweets were made, offering to double up the funds.
Exchange and Wallet Scams
Before the invention of Crypto Wallets, the main source of income for hackers were Exchanges. But now with the rise in the use of digital wallets, hackers saw it fitting to direct their attention to them.
The Ledger Wallet Data Leak
One of the biggest such hacks occurred in June 2020, when attackers stole 1 million customer email addresses by breaching the email and marketing databases for Ledger, a France-based crypto wallet firm. They also stole the personal details of 9,500 customers and published 242,000 customer email addresses on a website for hacked databases.
A common scam is to present a new cryptocurrency as an alternative to Bitcoin. The idea behind this scam is to make users believe that it’s too late to cash in on Bitcoin and that they need to invest in one of these up-and-coming cryptocurrencies that’ll offer them better results.
My Big Coin
The fraudsters behind My Big Coin took $6 million from customers to invest in the fake cryptocurrency and then redirected the funds into their bank accounts. The currency was shut down later because of this very scam.
Ponzi Investment Schemes
According to Investopedia, “A Ponzi scheme is a fraudulent investing scam promising high rates of return with little risk to investors. A Ponzi scheme is a fraudulent investing scam that generates returns for earlier investors with money taken from later investors.”
As cryptocurrency becomes more mainstream, ICOs will present greater risks to larger numbers of people.
OneCoin: Largest Ponzi Scheme Ever
OneCoin is considered one of the largest cryptocurrency pyramids, which functioned from 2014 to 2017, deceiving about three million people and defrauding investors of around $5 billion in total. It is a classic example of a Ponzi scheme in which participants receive a reward for each new person invited.
Frauds and Scams are not uncommon even in traditional markets. However, the unregulated nature of cryptocurrencies and DeFi makes it easier for scammers to carry out their plan of action. With billions of dollars at stake, it is of utmost importance now that concerned authorities impose regulations on cryptocurrencies and devise some solutions.
Most scams observe the smart contracts to be unaudited, That’s on you. Do your research before investing in a token, find out from reliable sources if they’re audited. Get insurance. Avoid browsing creepy socials. Be aware! That’s how you avoid a DeFi scam.
ImmuneBytes is facilitating blockchain smart contract security by employing the use of cutting-edge techniques on smart contracts and decentralized applications. We have a team of experienced security professionals who are adept at their niches and provide innovative solutions and consultation. So far we have worked on 175+ blockchain start-ups on different blockchain frameworks, with clients spread across the globe, and are continually unfolding ourselves to make this decentralized movement thrive.