DeFi exploded in popularity in 2020 — and so did stealing from DeFi platforms. In all, there were 15 hacks of DeFi platforms amounting to $120 million funds being stolen.
Hackers nabbed bounties ranging from $135,000 and $25 million, according to The Block Research. Only $45.6 million was recovered.
One protocol — bZx — was exploited twice in February via a contract bug that let the hacker execute a flash loan attack that netted around 1,200 ETH.
The DeFi hack with the largest stolen sum was Lendf.me’s $25 million attack. A reentrancy attack vector allowed a hacker to interact with a token contract as if they had lots of collateral, which they didn’t. The attacker then stole all the assets on the platform, only to subsequently return them.
For more information on DeFi the exploitation and hacks and hacks of 2020, see The Block Research 2021 Digital Asset Outlook Report.