Decentralised finance is the most recent battleground in the crypto hacking issue.

For the first 13 years of cryptocurrency's existence, exchanges were the epicenter of cybercrime. Peer-to-peer crypto networks have now become a larger hacking concern in the rapidly expanding industry.

Poly Network, one of these sites, was the target of a $610 million crypto heist last week, one of the largest in history. The decentralised finance (DeFi) network claimed the "white hat" hacker or hackers had returned almost all of the money within days of the theft.

Interviews with industry leaders, attorneys, and analysts reveal that the unexpected conclusion to the Poly Network story conceals fast-emerging dangers in this expanding sector of crypto, where an estimated $80 billion or more is stored.

DeFi services enable users to lend, borrow, and store bitcoins while avoiding conventional financial gatekeepers like banks and exchanges. Supporters argue that the technology allows for more affordable and efficient access to financial services.

However, the theft at Poly Network, a previously unknown site, has shown DeFi's susceptibility to criminality.

Bugs in the open-source code used by websites are often exploited by would-be thieves. And, since regulation is still uneven, victims often have little or no redress.

Crypto cybercriminals have previously targeted centralized exchanges, which serve as intermediaries between buyers and sellers of cryptocurrency.

Mt.Gox, a Tokyo-based exchange, for example, was hacked and lost half a billion dollars in 2014. In 2018, a $530 million theft struck Coincheck, which is also headquartered in Tokyo.

Many big exchanges have subsequently beefed up security in the face of regulatory scrutiny and the need to attract mainstream investors, and large-scale heists are now uncommon.

LESS SAFETY

According to Ross Middleton, chief financial officer of DeFi platform DeversiFi, a focus on security at big platforms like Coinbase Global Inc has pushed less-secure venues to the sidelines.

"What's happened is that the larger exchanges have become very excellent (on security), and the lesser exchanges have vanished," he said. "At this point, the border is unmistakably DeFi."

According to crypto intelligence company CipherTrace, losses from crime on DeFi platforms are at an all-time high, with thieves, hackers, and fraudsters making off with $474 million from January to July.

The increase occurred when money flowed into DeFi, reflecting overall crypto movements. According to DeFi Pulse, the overall worth of such sites has risen to more than $80 billion, up from only $6 billion a year ago.

Security concerns, according to DeFi experts, tend to be found on newer sites that may operate on less secure code.

"The security and risk gap between established, battle-tested DeFi protocols and new, untested DeFi protocols is growing," said Rune Christensen, the former director of the organization behind high-profile DeFi software Maker.

The usage of open-source code, according to proponents, allows users to rapidly identify and resolve flaws, lowering the risk of crime. They claim that DeFi can police itself.

DeFi is becoming more important to financial regulators and governments across the globe that are seeking to regulate the crypto industry.

ACTIONS TAKEN BY THE LAW ENFORCEMENT

Gary Gensler, the chairman of the Securities and Exchange Commission (SEC), has indicated that he would take a strong position on DeFi.

In a speech earlier this month, he said that such platforms might be covered by securities laws in the United States, and urged Congress to create legislation to regulate DeFi and crypto trading.

The SEC filed its first enforcement action against DeFi tech this month, claiming that the business sold unregistered securities and deceived investors. Further inquiries about the SEC's position were not answered.

The US Commodity Futures Trading Commission has also indicated that it would be scrutinized more closely.

CommissionerDan Berkovitz referred to DeFi as a "Hobbesian marketplace" in June, referring to a 17th century philosopher who described life without government as "nasty, brutish, and short." He said that unlicensed DeFi systems for derivatives were breaking commodities trading regulations.

Moves are slower elsewhere. In the United Kingdom, for example, DeFi is still off the political radar.

While certain DeFi operations may come within its purview, most of the industry is uncontrolled, according to a spokesman for the UK's financial watchdog.

According to some experts, further regulation is unavoidable, since there is little evidence that DeFi sites can perform the job on their own.

"The sad issue is that in the DeFi industry, (Poly Network) was viewed as simply another Tuesday," said Tim Swanson of blockchain company Clearmatics.