DeFi: North Korean hackers steal $285 million by 2024

Lazarus Group expands attacks on global DeFi and targets Brazil

A Decentralized Finance (DeFi)has become one of the main targets of cyber groups linked to authoritarian regimes. By 2024, North Korean hackers, especially theLazarus GroupThey have stolen more than$285 millionin attacks on DeFi protocols, according to data compiled by theJournal of CoinIn Brazil, although no large-scale attacks have been recorded so far, experts warn of the rising risk, especially on platforms that offerHigh interest rates on stablecoinsLess liquid tokens.

The most common method used is asocial engineering, such as phishing and identity falsification on decentralized loan platforms.Drift Protocol, a decentralized trading protocol, was the target of an attack that resulted in a loss of$285 millionElliptic researchers have identified links between the attack and theLazarus GroupHe is known for funding the Kim Jong-un regime with funds obtained from cybercrime.

How could Brazil be the next target?

The Brazilian cryptocurrency market has grown rapidly, driven by the high adoption of stablecoins and the popularity of DeFi platforms that offerAnnual return of more than 10%In the case of assets like USDC or DAI.REUTERSThe volume of transactions on Brazilian exchanges increased40% by 2024, attracting not only local investors, but also international funds seeking high returns in a regulatory environment still in formation.

However, the combination ofLow regulation specific to DeFiAnd the lack of independent audits on many Brazilian protocols could make the market vulnerable to attacks.ANPD (National Data Protection Authority)He has issued a statement warning of the risks of data leakage on DeFi platforms that do not follow good security practices.The Brazilian Federal RecipeIt has not yet set clear rules on taxing earnings on DeFi, which may encourage opacity in some protocols.

Another risk factor is theLower awareness of usersMany Brazilians who invest in DeFi do not know basic security techniques, such as the use ofCold walletor the verification of code audits on platforms.Chainalysisand only18% of Brazilian cryptocurrency usersThey use advanced security tools such as multisig or smart contracts to protect their assets.

What can protocols and users do to protect themselves?

for themDevelopers of DeFi protocolsExperts recommend the implementation ofRegular independent auditsIn addition to the use of CertiK or OpenZeppelin,Mechanisms for recovery of funds(such as timelocks or multisig) can reduce the impact of attacks.synthesizedHe managed to recover some of the funds stolen in an attack thanks to a combination of smart contracts and negotiation with the hackers.

already themBrazilianUsersPriority should be given to platforms that offer:

• Security against hackers(as Nexus Mutual or Unslashed)
• Public Auditsthe source code;
• The Cold Wallet(Ledger and Trezor)
• Transparency in Governance(Public votes for amendments to protocols).

It is also important that investorsAvoid protocols that promise excess returns(more than 20% per year), as these usually involve high liquidity or fraud risks.Brazilian Federation of Blockchain and Crypto Assets (FebraBlock)At least5 Brazilian DeFi platformsThey were identified as suspected Ponzi schemes in 2024.

Market impact and regulation on the horizon

The increase in DeFi attacks has pressured governments and regulators to act.The SEC (Securities and Exchange Commission)In addition, it has already begun investigations into protocols that do not segregate funds from users, a common practice on some DeFi platforms.The Central Bankand aCVM (Securities and Exchange Commission)They have discussed the creation of a regulatory framework for DeFi, but there is no forecast for its implementation yet.

The lack of regulation can be aThe double riskOn the one hand, it attracts investors in search of high returns; on the other hand, it exposes the ecosystem to coordinated attacks.Bitcoin MagazineThe ban on yields (return) on stablecoins in the U.S. was not adopted precisely because of its negative impact on consumers and small that rely on these revenues to generate passive income.

Similar regulations could be adopted.Reduce the attractiveness of dubious DeFi protocolsBut they would also limit innovation in a sector that is still in formation.Fernando Ulrich, founder and economist of FoxbitThey argue that the ideal would beBalance between consumer protection and innovationclear rules on transparency and security.

DeFi in Brazil needs more transparency and security

The case ofLazarus Group and the attacks on DeFi protocolsAs the sector grows driven by high earnings and low regulation, the risk of cyber attacks and fraud also increases.Prioritize transparent platforms with independent audits and robust security mechanismsFor regulators, the challenge is to find a medium term that protects users without stifling innovation.

The future of DeFi in Brazil will depend not only on the adoption of best practices through protocols, but also on abalanced regulationMeanwhile, North Korean hackers and other criminal groups will continue to target our market – unless we take concrete steps to protect ourselves.