> For the complete documentation index, see [llms.txt](https://web3-encyclopedia.gitbook.io/web3-encyclopedia/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://web3-encyclopedia.gitbook.io/web3-encyclopedia/decentralized-finance-defi/learn-why-defi-should-expect-more-hacks-this-year.md).

# Learn: Why DeFi should expect more hacks this year?

{% hint style="info" %}
This article was originally published on Cointelegraph, written by [Jesse Coghlan](https://cointelegraph.com/authors/jesse-coghlan)
{% endhint %}

Decentralized finance (DeFi) investors should buckle themselves up for another big year of exploits and attacks as new projects enter the market and hackers become more sophisticated.

Executives from blockchain security and auditing firms HashEx, Beosin and Apostro were interviewed for Drofa’s *An Overview of DeFi Security In 2022* report shared exclusively with Cointelegraph.

The executives were asked about the reason behind a significant increase in [DeFi hacks](https://cointelegraph.com/news/hackers-drain-8m-in-assets-from-bitkeep-wallets-in-latest-defi-exploit) last year, and were asked whether this will continue through 2023.

Tommy Deng, managing director of blockchain security firm Beosin, said while DeFi protocols will continue to strengthen and improve security, he also admitted that “there is no absolute security,” stating:

> “As long as there is interest in the crypto market, the number of hackers will not decrease.”

Deng added that many new DeFi projects “don’t go through complete security testing before going live."

Additionally, a significant amount of projects are now exploring the use of [cross-chain bridges](https://cointelegraph.com/news/is-there-a-secure-future-for-cross-chain-bridges), which were a prime target for exploiters last year, [leading to $1.4 billion stolen](https://cointelegraph.com/news/the-10-largest-crypto-hacks-and-exploits-in-2022-saw-2-1b-stolen) across six exploits in 2022.

The comments mirror those of blockchain security firm CertiK, who [told Cointelegraph on Jan. 3](https://cointelegraph.com/news/no-respite-for-exploits-flash-loans-or-exit-scams-in-2023-cybersecurity-firm) that it doesn’t “anticipate a respite in exploits, flash loans or exit scams” in the coming year.

In particular, CertiK noted the likelihood of “further attempts from hackers targeting bridges in 2023” citing the historically high returns from attacks in 2022.

Crypto auditing firm HashEx founder and CEO, Dmitry Mishunin, said “hackers have gotten smarter, gained more experience, and learned how to look for bugs.”

> “The crypto industry is still relatively new, and everyone is growing with each other, so it’s difficult to get too far ahead of bad actors.”

He added the amount of value in some DeFi projects made the industry “very attractive” to malicious actors, and that the number of hacks “is only going to grow going forward.”

Mishuin said these attacks may even spread outside of DeFi, with attackers setting their sights on “crypto exchanges and banks” that enter the market offering “more secure solutions for storing digital assets.”

Smart contract security and auditing firm Apostro co-founder, Tim Ismiliaev gave a more hopeful take, however, as he expects the space to “mature over the next five years, and new best practices for securing decentralized finance protocols will emerge.”

### Too long, didn’t read

Interestingly, both Mishunin and Deng noted that many of the post-incident reports provided by blockchain security firms often fail to reach their target audience — blockchain developers.

“The people that read such analyses are average investors that are concerned about their money. Actual blockchain developers are too busy coding; they don’t have time to read stuff like that,” said Mishunin.

Meanwhile, Deng said the reports are usually about “event-based vulnerabilities and related recommendations,” so doesn’t often help other developers as they might still be vulnerable to other exploits.

He admitted, however, that reports on “general vulnerabilities” in DeFi “tend to do a good job of ramping up protection.”

> “The reentrancy vulnerabilities are now not as common as they used to be.”


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://web3-encyclopedia.gitbook.io/web3-encyclopedia/decentralized-finance-defi/learn-why-defi-should-expect-more-hacks-this-year.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
