 Crypto hackers are back with a vengeance. In the last two weeks, about 718 million dollars have been stolen in a number of exploits across DeFi protocols. According to chain analysis data, 2022 is likely to outpace last year's record in terms of stolen crypto funds. But how can we make sense of these numbers? Is the crypto industry becoming less secure? And what can be done about it? We talked about all that with Kim Grauer, director of research at Chain Analysis. Before we get started, consider leaving a like and subscribing to our channel. I'm Giovanni, your host. Welcome to another Cointelegraph interview. According to chain analysis data, October this year was probably the worst month for crypto hacks. We are talking about 11 hacks and 718 million dollars stolen. And we are just half a way through the month. So how do we make sense of these numbers? We follow a lot of cryptocurrency crime related trends. And right now hacking is certainly the the biggest issue that we're thinking about that's happening in the industry. That's a real threat to security. And the way you would think about this is that last year, we knew that 2021 was the year that DeFi hacking really started to ramp up. And we kind of started to think that, hey, the industry can't this can't go on in the industry because people are really going to lose faith in investing their funds in DeFi platforms. And so we predicted that this is probably not going to last in the medium term. But the fact that we're at the in October of 2022, and we're at the highest month ever, I think really shows that this has not started to ramp down yet. We're not out of the woods yet in terms of of getting around the cyber security issues implicit with some having so much data, having so many contracts and the way they're on be managed through open source software. Yeah, it's very surprising because according to your data 2021 is going to be surpassed this year in terms of amount of crypto stolen through exploits. So that is concerning because last year we had a bull market this year. It was a bear market and we are still in a bear market. And so logically would expect also hacks and exploits to go down. But on the other on the on the contrary, it seems that 2022 is going to be a bigger year for crypto exploits. So how do we explain this trend? I would probably disagree with the premise of the question that because you're in a bull market or a bear market hacking would go down. There is certainly a connection between market trends and criminal activity, but many different, but only in some types of crime. So we've identified that scamming, for example, goes down when you're in a bear market because people are investing less, so they're investing in fewer scams. But there are certain types of crime where it doesn't really matter what the price of Bitcoin is, it's still going to happen, ransomware, dark net market activity hacking, hackers aren't more likely to hack if the price is really high. I mean, of course, there are some as the price gets higher, maybe people will get more enticed into getting into hacking because of how much money they perceive there to be. But a lot of these hacking organizations are especially of DeFi platforms. This is carried out many mainly by North Korean hacking groups. So this is just what they do every day. And so they're going to carry out these hacks no matter the price of Bitcoin. Okay, that's interesting. You mentioned North Korean hacks. How relevant is their activity in the big numbers that you pointed out? The last time we crunched the numbers, they were probably a little bit over 60% of all value hacked went to North Korea. This is billions of dollars going to North Korean hacking organizations, which means that they're one of the biggest threats in the industry. And they carry out some of the biggest hacks in terms of value stolen. They have been around for many years. We've been following chain analysis has done a really good job of profiling them over the past five, six, seven years and seeing how they've evolved as a hacking organization. And this year in particular, we've seen a massive amount of increased hacking from North Korean hacking organizations that pretty much surpasses where we were at in previous years. If only because the value stolen in each of these hacks is so much higher than in the past. Another trend that we need to point out is that the majority of these hacks are targeting DeFi protocols. So the realm of decentralized finance. On the other hand, we saw according to the data that you gathered that centralized exchanges have minimized the level of hacks and exploits. Historically, we touched some, I think, the historical minimum. Is this trend a signal that centralized exchanges have improved significantly their security mechanisms? Or it's just because more money is flowing into DeFi and so it's becoming more attractive for hackers. I would say it's definitely the former. We were in this position with centralized exchanges a few years ago. If you look at some of the charts that we've been putting out lately and up through 2019, a majority of the hacked value came from centralized exchanges. These were new exchanges that had a lot of security vulnerabilities that people took part of mostly through phishing. But over the years, we've raised so much awareness around the threat of hacking with centralized exchanges that we've seen major improvements in how centralized exchanges are handling their funds and prioritizing cybersecurity. So we've really done a good job of improving security in centralized exchanges. And I can't emphasize enough, it really was a talking point a few years ago that this is an insurmountable problem for centralized exchanges. All of the hacking that's coming. No one's going to trust the industry. But now we have moved on beyond that narrative. And now we're in a narrative where this is a systemic risk to DeFi. How are we going to get over this? This is insurmountable. Everyone's hacked. And so we need to as an industry evolve and grow to prioritize cybersecurity in DeFi. When we saw so much growth starting in 2021 of DeFi platforms, so many new entrants were coming to the market. Anyone could spin up a smart contract that was managing millions and millions of dollars. And maybe at the expense of growth, people did not prioritize cybersecurity or didn't care. And we're seeing the repercussions of those decisions now. It's also interesting to notice that one of the most common types of hacks are directed towards cross-chain bridges. So these bridges that connect one blockchain to another, why are these points so vulnerable to hacks? It's a really good question. And bridges are an attractive target because they often feature a central storage point of funds that back the bridged assets. So there's kind of, I don't want to call it a honeypot, but something comparable to a honeypot where there is a large quantity of money that's sitting there that people can know that there's a large amount of money in one place that is a bridge. But there's also effective bridge design is still pretty much an unresolved technical challenge that people are sorting out as we evolve as an industry. So what does it mean to have a secure bridge? You have to be secure on both blockchains. You have to surpass a level of security that's really that you can handle in just one blockchain because you're bridging to many different blockchains. So there's just more points of vulnerability, I think, plus this perception that there's potentially a honeypot. And this is a brand new technology. This has only emerged in the past kind of few years. So we're sorting out these issues as they come along. What are the tools that the industry has at its disposal in order to retrieve the funds once they get stolen through these exploits? So if you're hacked, then you would be able to follow the funds where they're going. Everything's available forever, publicly on the blockchain. And so if you can follow where the funds are going and which off-ramps they're using, then you can know which exchanges have those funds and you have a shot at getting those funds frozen by the compliance teams of those exchanges and then getting those funds returned to you. But once they're kind of turned into fiat and moved off the platform, you've missed your shot at getting those back purely through freezing the funds on the account. But you can still have a law enforcement investigation that might go follow the funds from there to try and figure out who the person is to try and get the funds seized again, which we've seen that happen as well. From my impression, it seems that a lot of this comes down to the essence of DeFi. So having protocols that don't have a centralized authority that can basically block everything and kind of basically ensure security. As you mentioned, centralized exchange managed to get a lot of improvements on this side. But do you think that it's possible to achieve the same through DeFi? Is it not an intrinsic element of DeFi having these sort of vulnerabilities? I don't think it's an intrinsic element of DeFi. I think that what we banks, financial institutions, your personal identity is in the world, is always being threatened to be stolen or scammed or hacked to some degree, not just in cryptocurrency. We see hackers are present everywhere. The difference with DeFi from centralized exchanges is there's an additional attack vector that hackers can carry out. So with centralized exchanges, the main breach is probably a phishing campaign. That's what we've seen happen of centralized exchanges. But also, we've seen centralized exchanges. We see businesses all around suffer vulnerabilities from ransomware that are also delivered through either malware or clicking on the wrong link or other phishing links. So with DeFi, you also have the problem of open source code, which means anyone can parse over this open source code and look for code vulnerabilities that they can exploit. That's not an intrinsic problem. There are contracts that have proven that they can remain secure, and you're going to be attacked from any direction no matter what. But once we nail cybersecurity in DeFi, I think that we're positioned as an industry to be far more secure because you have everything is in the code. If you get the code right, then you might actually not have some of these other sources of vulnerability. Maybe phishing won't be as prominent. And so you have the potential to create something really secure that has the potential to be even more secure than what we're seeing around the world already, but we just have to get there and make sure that the code that is managing these protocols is perfect. And it's probably going to take a little bit longer to get there. Kim, that was a super interesting conversation. Thanks a lot for coming on our show. Thank you so much. It was great to catch up.