DeFi Hacks: Dego Finance the latest victim with Over $10M drained from liquidity address

  • DeGo Finance was hacked in the wee hours of Thursday morning, losing a combined $10M alongside GameFi incubator Cocos-BCX.
  • Resultantly, DEGO token dipped 20 percent to trade at $3.65 from $4.50.

The decentralized finance (DeFi) industry continues to be rife with hacks, rug pools, and scams. This time, Dego Finance, a protocol based on the Binance Smart Chain (BSC), was at the receiving end. 

On Feb. 10, hackers compromised the platform’s liquidity address. As a result, they made away with millions of dollars meant for liquidity on decentralized exchanges Uniswap and PancakeSwap.

According to blockchain security and analytics firm Peckshield, the attackers drained over $10 million from both Dego Finance and Ethereum-based GameFi incubator Cocos-BCX. The funds were stolen from a total of 13 addresses belonging to BSC, Ethereum, and Cronos blockchains.

Dego Finance hacked for $10M+

Shortly after the attack was orchestrated, Dego Finance took certain measures to mitigate its losses. The platform has reached an agreement with crypto exchanges Binance, Kucoin, and to discontinue further deposits of its native token, DEGO. It has also urged Uniswap, Poloniex, PancakeSwap, and WazirX among other exchanges to undertake the same measure. Dego Finance now seeks an audience with the hackers, possibly to conduct negotiations in an attempt to return stolen funds:

We’ll keep all stakeholders updated on the latest developments, as well as talk to reputable security teams on how to identify the hacker and retrieve loss. We would ask the hacker to come forward and communicate.

The DEGO token bled in the aftermath of the hack, plummeting 20 percent from $4.50 to $3.65. At reporting time, DEGO has recovered some of this loss, having risen to $4.07, but still 10.4 percent down in the day.

Launched in 2020, Dego Finance billed itself as both a DeFi and NFT (non-fungible token) provider. It claimed to be an open-NFT ecosystem that allowed users to mint, mine, auction, and trade NFTs. Another service was a cross-chain infrastructure that enabled blockchain ventures to ramp up their user base, distribute tokens and create more diversified NFT-based apps. Binance listed the project in its Innovation Zone in March 2021.

DeFi attacks and scams carry on into 2022

Hackers, and equally bad actors in the crypto space – especially DeFi – enjoyed the largest spoils in the history of the industry. Rug pools, for instance, accounted for 37 percent of all scam revenue in 2021, compared to just 1 percent in 2020. A January report by Chainalysis said hacking by North Korean actors grew by 40 percent in 2021, draining $400 million worth of digital assets from crypto platforms in their ‘best’ year yet. 

The events now carry on into the new year, as the nascent DeFi space attempts to strengthen its security protocols and increase the ability for users to identify dubious projects. Peckshield has already reported detecting over 50 suspicious platforms on BSC. Typically, admin “privileges” in such platforms include minting unlimited tokens, restricting token selling, and blacklisting any account.