Ciphertrace, a leading blockchain analytics firm, has released its latest "Cryptocurrency Crime and Anti-Money Laundering Report", revealing a major shift in crypto-related criminal activity from centralized exchanges to decentralized finance (DeFi) protocols. The report examines data from the first four months of 2021 and paints a complex picture: while the overall cryptocurrency sector has become significantly more secure, with only $432 million stolen through illegal activities (compared to $1.9 billion in all of 2020), DeFi-specific losses have already soared to $156 million, surpassing the total for the entire previous year.
Why Crime Is Moving to DeFi
According to Ciphertrace, the exponential growth of the DeFi sector is the primary driver. DeFi now consumes more than one-third of all Ethereum network activity, providing a vast attack surface. Unlike centralized exchanges, DeFi protocols rely on smart contracts, which often contain coding vulnerabilities and logic flaws that can be exploited. Additionally, rug pulls — where developers drain liquidity from a protocol and disappear — have become a hallmark of DeFi scams. End users are also more vulnerable due to a lack of thorough security audits and the complexity of interacting with decentralized applications.
Notable Incidents
The report highlights several major DeFi attacks from the period:
- PAID Network Exploit: Hackers exploited a vulnerability to mint $150 million worth of PAID tokens. The project acknowledged the breach and attempted to pull liquidity to issue a new token, but PAID lost more than 85% of its value, devastating holders.
- Easyfi Private Key Theft: The Polygon-based DeFi protocol lost $80 million after a member of its team had the private key to the project’s wallet stolen from their computer via malware.
- Meerkat Finance: Suspected to be a rug pull, this incident saw the team modify the smart contract logic and drain 31 million BNB (worth approximately $31 million at the time).
What Lies Ahead
Ciphertrace warns that these hacks and exploits are likely to continue — and escalate — as DeFi gains even more relevance in the crypto industry. The report suggests that while overall crypto security has improved (as evidenced by the decline in total losses), the shift to DeFi introduces new, sophisticated attack vectors that require proactive measures from developers, exchanges, and regulators. Enhanced smart contract auditing, user education, and cross-platform coordination are essential to mitigating these emerging threats.

