Elliptic Estimates $12B Lost to DeFi Exploits

The crypto analytics firm says that most of those losses occurred this year.

Elliptic Estimates $12B Lost to DeFi Exploits
Shutterstock photo by Gorodenkoff

Key Takeaways

  • Crypto analytics firm Elliptic has published a new report that surveyed DeFi losses between 2020 and 2021.
  • At least $12 billion has been lost to various attacks and incidents, with $10.5 billion stolen this year alone.
  • Elliptic's estimates are considerably higher than other similar surveys for reasons that are unclear.

Share this article

Crypto analytics firm Elliptic has published a new report suggesting that the DeFi sector has seen $12 billion in losses over the past two years.

Most Theft Took Place This Year

Elliptic says that more than $12 billion has been lost through DeFi crime. Though the survey accounts for both 2020 and 2021, the majority of losses took place this year with $10.5 billion in losses.

Most of the losses were the result of protocol losses, with $10 billion of losses falling in that category. This category concerns project tokens that lose market value as the result of fraud.

Via Elliptic

Just $2 billion was lost through direct losses—that is, attacks that directly targeted DeFi projects and stole money from the project and its users. This category of incident would include recent attacks on Anubis DAO and Cream Finance, for example.

Elliptic noted that $721 million of the funds lost through direct losses were eventually recovered, making this category less significant.

Attack Strategies and App Types Varied

Those who carried out DeFi attacks employed various strategies. $5.5 billion in losses came from code exploits, while another $5.3 billion came from economic exploits. Admin key exploits accounted for another $1 billion in losses, while “rug pulls,” or exit scams, accounted for just $18 million in losses.

Different types of DeFi apps were targeted to different degrees. Lending apps accounted for 34% of the losses. DEXes accounted for 17.1% of losses, asset management apps accounted for 16.4% of losses, and cross-chain bridges accounted for 13.5% of losses.

Two blockchains were the primary target of the losses tallied by Elliptic. Ethereum-based DeFi apps made up 71% of the total with $8.6 billion in losses, while Binance Smart Chain-based apps made up 21% of the total with $2.5 billion in losses.

Via Elliptic

Other Estimates of DeFi Theft

Elliptic’s numbers are higher than other estimates. In August, CipherTrace suggested that DeFi crime accounted for $361 million in losses in 2021 and $129 million in losses in 2020.

Meanwhile, The Block’s live data tracker suggests that $629 million of funds have been stolen through DeFi exploits since 2020.

Those discrepancies may suggest that Elliptic has surveyed the DeFi terrain more closely than its competitors. Alternately, the fact that it includes token value loss may have driven up its estimate.

Disclosure: At the time of writing, the author of this piece owned less than $100 of BTC, ETH, and altcoins.

Share this article