Footprint Analytics: Over 600 Projects Got REKT in 2021, $2.2B Lost | Annual Report 2021

In the crypto world, there are 4 main ways you can get REKT (“experience significant financial loss due to shady malfeasance”—in crypto terms.) 

• An exit scam is a project that simply vanishes with investors’ money during or after going live.
• A honeypot lures investors into vulnerable contracts that contain hidden traps locking their assets 
• An exploit attack takes advantage of vulnerabilities in applications, networks, and operating systems.
• A flash loan attack involves taking out a flash loan (a form of uncollateralized lending) from a lending protocol and manipulating the market in your favor.

According to Footprint Analytics, over 600 projects got REKT in 2021. One third of these were recorded to encounter fund loss, accumulating to the amount of $2.2 billion. 

Compared to 2020, approximately 450 more projects were hacked, causing 10x more funds being lost.  Looking at the data, here are the findings. 

Finding 1: Exit Scams and Honeypots Were the Most Popular Crypto Scams

Exit scams and honeypots accounted for 50% and 30% of all scams in 2021, respectively. Compared to the previous year, the percentage of honeypots has increased by 16%.

Most exit scams happened between August and September, mostly on BSC and Polygon.

As for honeypots, September was the most severe month, especially on BSC, accounting for nearly 70% of this kind of scam.

Finding 2: BSC made up 53% of REKT Attacks

Compared to the previous year, the number of attacks on BSC increased from 9 to 319. Polygon, a new blockchain in 2021, also got 12% of the brunt.

Exit scams and honeypots were the two major types of attacks on BSC. It is worth noting that the former had a huge explosion in August, likely due to the fast growth of project numbers on BSC and the accumulated funds on these projects. This will be explained later in the article. 

Finding 3: 67% of All Funds Lost Happened on Ethereum

Although most attacks happened on BSC, more funds were lost on Ethereum, mainly through exploit and flash loan attacks. The amount of money lost grew by 500% compared to 2020.

Here is the list of attacks by funds lost: 

From the above attacks, 50% of them have lost $10K to $1M funds, another 35% was between $1M and $50M.

Poly Network was the biggest victim of all, losing $602 million caused by an exploit in August. The biggest flash loan victim was Cream Finance, where $130 million was lost. 

Why Did Scams and Attacks Thrive in 2021? 

One reason for the increasing number of attacks comes from the rapid growth of blockchain DApps. The current number of DeFi protocols reached 977 across 86 chains. 

Another reason is that more and more hackers have noticed the increasing TVL of crypto and blockchain projects.  

Why Did BSC See the Most Attacks? 

Most projects on BSC, a Layer 2 chain to Ethereum, have been built by simply forking Ethereum protocols. Many of these have little innovation, long-term development plans or an understanding of the basic logic behind the code. 

These factors make the projects vulnerable to hackers, who can easily discover loopholes in a protocol. Once the TVL accumulated on similar projects grows large enough, it is the timing for them to conduct attacks. 

Furthermore, low gas fees on BSC make conducting attacks much more feasible.

Thoughts on Not Getting REKT

In 2021, more and more people entered the crypto world. 

Some bought a few tokens, others invested in DeFi projects, and others still bought NFTs, or even moved in next door to celebrities in the metaverse. Widespread adoption of this technology entails more hacking, scams and attacks. 

DeFi developers should therefore focus more on safety awareness, such as conducting logic checks on code to rule out possible vulnerabilities, and to seek help from professional auditing teams.

Investors will need to perform more due diligence as the thriving blockchain industry attracts more bad actors. If you’re just getting started, watch out for:

• Projects with crazy incentives.
• Suspicious links in group chats, direct messages from strangers, or search engine results. Never send out your private key or seed—this is the most important rule to protect yourself from phishing attacks. 
• Airdrops that claim to give you astronomical returns for your tokens.

The only way to not get REKT is to stay calm and think clearly.

Benefits for CryptoSlate Reader

From 11 to 25 January 2022, click this hyperlink on CryptoSlate to get a free 7-day trial of Footprint Analytics! New users only!

Date and Author: Jan13th 2022, [email protected]

 Data Source:  REKT Overview in 2021  

This article is part of our Year in Review series.

What is Footprint Analytics?

Footprint Analytics is an all-in-one analysis platform to visualize blockchain data and discover insights. It cleans and integrates on-chain data so users of any experience level can quickly start researching tokens, projects and protocols. With over a thousand dashboard templates plus a drag-and-drop interface, anyone can build their own customized charts in minutes. Uncover blockchain data and invest smarter with Footprint.