Decentralised finance and crypto scams

Joshua Foo, Regional Director for ASEAN and Central Asia, Chainalysis

EITN: First things first – what is crypto hacking? What is DeFi? Why was DeFi the main victim of these hacks?

Joshua: Hacks are attacks where hackers use phishing lures, code exploits, malware, and advanced social engineering to siphon funds out of organizations’ internet-connected “hot” wallets.

Decentralized finance is a movement that uses decentralized networks and blockchain to convert traditional products into trusted and transparent protocols. The goal of DeFi is to create a financial system that is open to everyone. The need for trust in a central party is reduced to a minimum. Smart contracts form the basis for this. These make it possible to carry out transfers and agreements on the blockchain, without the intervention of a necessary central authority, such as a bank.

Since DeFi protocols move funds without human intervention, users should be able to audit the underlying code in order to trust the protocol. That said, this benefits cybercriminals, too, who can analyze the scripts for vulnerabilities and plan exploits well in advance.

EITN: How do Crypto scams work?

Joshua: Scams are used to deceive or trick people into giving away their money, or cryptocurrency. Scams are the most profitable form of cryptocurrency-based crime and one uniquely targeted toward new users. It also poses one of the biggest threats to cryptocurrency’s continued adoption.

The good news is this is a problem that the industry can work to solve through education about red flags with scamming. Chainalysis has also worked with exchanges to leverage our data to prevent their customers from sending funds to known scams

EITN: What is blockchain analysis?

Joshua: Cryptocurrency presents unprecedented transparency. Cryptocurrencies are the first global payment systems outside of any one organization’s control, but their blockchains create public, permanent records of illicit activity. Blockchain analysis helps people interpret those public blockchain ledgers. Our tools help government agencies, cryptocurrency businesses, and financial institutions understand which real-world entities transact with each other. For example, we can show that a given transaction took place between two different cryptocurrency exchanges, or between a cryptocurrency exchange and an illicit entity, such as a sanctioned individual or organization.

With blockchain analysis tools and Know Your Customer (KYC)  information, law enforcement can gain transparency into blockchain activity in ways that aren’t possible in traditional finance. Likewise, with transaction monitoring, cryptocurrency exchanges and financial institutions can flag high-risk activity and fulfill their regulatory obligations to report them.

By working from the same Chainalysis blockchain data, our public and private sector customers can collaborate more efficiently when investigating illicit activity. We believe this transparency is critical to weeding out bad actors and building trust in blockchains to pave the way for the more mainstream adoption of cryptocurrencies.

EITN: Who would benefit from reading a report you had recently published?

Joshua: Anyone can benefit from reading this report – whether they are from financial institutions, government agencies, crypto businesses, crypto enthusiasts or just the general public. Chainalysis made the decision to launch these reports because there’s a lot of misinformation on the role of cryptocurrency around the world.

We made the call early on that it is key to deliver good quality research and data to the public domain. Our mission is to build trust in blockchain, and through this data, we are informing people that cryptocurrency is used for so much more than criminal activity. In fact, only less than 1% of transactions are associated with illicit wallets. There’s also no equivalent number in traditional financial markets where you can have this level of transparency around transactions.

EITN: What are the main highlights of the report in layman terms?

Joshua: The Chainalysis 2023 Crypto Crime Report found that the share of all cryptocurrency activity associated with illicit activity has risen for the first time since 2019, from 0.12% in 2021 to 0.24% in 2022. Despite the market downturn, illicit transaction volume rose for the second consecutive year, hitting an all-time high of $20.1 billion. Overall, illicit activity in cryptocurrency remains a small share of overall volume at less than 1%. It’s also worth keeping in mind that despite this year’s jump, crime as a share of all crypto activity is still trending downwards.

When we dove into the data, transaction volumes fell across all of the other, more conventional categories of cryptocurrency-related crime, with the exception of stolen funds, which rose 7% year-over-year. A key trend we found is that ransomware revenue fell 40% in 2022 versus 2021.

We believe this reflects a trend that victims aren’t paying ransoms like they did in the past, not that attacks are down. Our findings suggest that a combination of factors and best practices – such as security preparedness, sanctions, more stringent insurance policies, and the continued work of researchers quietly finding flaws in the encryption – are effective in curbing payments and ransomware actors’ extortions.  

Crypto scam revenue also dropped as crypto prices decreased, and we can see clear links between different scams using blockchain analysis. Romance scams, including pig butchering bring in most revenue per victim.

EITN: What are the best practices Chainalysis has for anyone looking to dabble in the crypto market, or start a crypto business?

Joshua: Education and research is key for anyone looking to enter or participate in the crypto market. Do independent research and stay informed.

For those looking to start a crypto business, blockchain analysis tools are also key, as they can help the organization monitor transactions, identify potentially suspicious activity, and address it appropriately. The ability to track and trace funds is no longer a nice-to-have. The great thing about blockchain analysis platforms is that they harness the inherent transparency of blockchains to offer these services to cryptocurrency businesses and financial institutions. Using a blockchain analysis platform that is supporting government entities means you’ll also have many of the same core data sets as the agencies that regulate your platform.