While illicit activity has fallen in the broader cryptocurrency community, it’s been rising sharply in  decentralized finance (DeFi) protocols. Of the $1.7 billion worth of cryptocurrency stolen in 2022, 97% of it has come from DeFi protocols, according to a new report from blockchain analytics firm Chainalysis.

That stat has largely been driven by two huge attacks earlier this year: the $622 million Ronin Bridge at the end of March and the $320 million Wormhole attack in February.

It’s a continuation of a trend that Chainalysis noted in 2021, as attacks on DeFi protocols began to rise throughout the year.

quarterly-crypto-value-stolen-from-defi-chart
Source: Chainalysis

The increase in theft has been accompanied by an increase in money laundering as well. 

DeFi protocols have been the destination for 69% of funds sent from wallet addresses associated with criminal activity so far in 2022, up from 19% in 2021.

“One reason for this is that DeFi protocols allow users to trade one type of cryptocurrency for another, which makes it more complicated to track the movement of funds,” Chainalysis writes in its report. “But unlike centralized services, many DeFi protocols provide this ability without taking KYC information from users,” something that the firm argues makes them “attractive to criminals.”

KYC, or know-your-customer, refers to the personal information traditional financial institutions and most centralized crypto services collect from customers, with the aim of weeding out illicit transactions and criminal activity.

To that end, there’s been some attempt by governments around the world to intervene. And with good reason: North Korean hackers have already had their biggest year in 2022, having stolen more than $840 million entirely from DeFi protocols, according to Chainalysis.

Last week, the U.S. Treasury Department added cryptocurrency mixing service Blender.io, used by North Korean hackers Lazarus Group, to its sanctions list. According to the Treasury, at least $21 million of the $622 million stolen in the Ronin Bridge hack has already been processed through Blender.

“Virtual currency mixers that assist illicit transactions pose a threat to U.S. national security interests,” Brian E. Nelson, U.S. under secretary of the treasury for terrorism and financial intelligence, said in a press release last week. “We are taking action against illicit financial activity by the DPRK and will not allow state-sponsored thievery and its money-laundering enablers to go unanswered.”

Daily Debrief Newsletter

Start every day with the top news stories right now, plus original features, a podcast, videos and more.