Hackers exploit audited DeFi protocols: What’s missing?

The post Hackers exploit audited DeFi protocols: What’s missing? appeared on BitcoinEthereumNews.com.

Disclosure: The views and opinions expressed here belong solely to the author and do not represent the views and opinions of crypto.news’ editorial.

DeFi is under attack—but not from the threats the industry is used to defending against. While developers meticulously scan lines of code for vulnerabilities, attackers have shifted tactics, exploiting economic weaknesses that lie unnoticed beneath flawless programming. The JELLY token exploit on Hyperledger, where attackers were able to siphon over $6 million from Hyperledger’s insurance fund, is a prime example. That exploit wasn’t caused by coding errors at all, but by gameable incentives and unpriced risks that no one had scrutinized.

DeFi cybersecurity has come a long way. Smart contract audits—designed to catch bugs in a software’s code—are the norm nowadays. But we urgently need to broaden their scope beyond mere lines of code. Smart contract audits are fundamentally inadequate unless they also analyze economic and game-theoretic risks. The industry’s over-reliance on code-only audits is outdated and dangerous, leaving projects vulnerable to an unending cycle of attacks.

Recent attacks drive home the danger of economic exploits

In March 2025, Hyperliquid’s exchange, which had its contracts audited, was ambushed by a $6 million exploit involving its JELLY token. How? Attackers didn’t find a bug in the code; they engineered a short squeeze by abusing Hyperliquid’s own liquidation logic, pumping JELLY’s price, and manipulating the platform’s risk parameters. In other words, Hyperliquid’s designers hadn’t priced in certain market behaviors—an oversight that traditional audits didn’t catch. Hyperliquid’s case shows that impeccable code can’t save a project that’s built on shaky economic assumptions.
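To make the "unpriced risk" concrete, here is an added toy model (not the article's or Hyperliquid's code) of the kind of check an economic review would run beside a code audit: a short position that a protocol's liquidation backstop inherits once the trader's margin is gone, stress-tested against a price pump and compared with the token's spot liquidity. All names, thresholds and numbers are constructed assumptions.

```python
from dataclasses import dataclass

# Constructed toy model: a perpetual short that a protocol's liquidation
# backstop (insurance fund / vault) must absorb once the trader's margin is
# exhausted. Hypothetical names and numbers, not any real protocol's parameters.

@dataclass
class ShortPosition:
    size: float         # tokens sold short
    entry_price: float  # USD per token at entry
    margin: float       # USD collateral posted by the trader


def short_pnl(pos: ShortPosition, price: float) -> float:
    """Mark-to-market profit of a short at the given price (negative = loss)."""
    return (pos.entry_price - price) * pos.size


def backstop_loss(pos: ShortPosition, price: float) -> float:
    """USD loss left to the backstop after the trader's margin is used up."""
    shortfall = -short_pnl(pos, price) - pos.margin
    return max(0.0, shortfall)


def economic_risk_flags(pos: ShortPosition, spot_liquidity_usd: float,
                        backstop_usd: float, max_notional_to_liquidity=0.10,
                        max_loss_fraction=0.25, stress_multiple=5.0):
    """Checks a code-only audit never runs: is the position large relative to
    the token's spot liquidity (so its price is cheap to move), and would a
    stress pump cost the backstop more than policy tolerates?"""
    flags = []
    notional = pos.size * pos.entry_price
    if notional > max_notional_to_liquidity * spot_liquidity_usd:
        flags.append("position notional large relative to spot liquidity")
    stress_loss = backstop_loss(pos, pos.entry_price * stress_multiple)
    if stress_loss > max_loss_fraction * backstop_usd:
        flags.append("stress-pump loss exceeds backstop tolerance")
    return notional, stress_loss, flags


if __name__ == "__main__":
    # Constructed scenario: a thinly traded token with a large open short.
    pos = ShortPosition(size=1_000_000, entry_price=0.01, margin=3_000)
    print(economic_risk_flags(pos, spot_liquidity_usd=20_000,
                              backstop_usd=100_000))
```

The point is that every line of this model can be bug-free and still leave the backstop exposed; only the parameter relationships reveal the risk.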
Shortly before the JELLY incident, Polter Finance, a lending protocol on Fantom, was drained of $12 million through a flash loan attack, another common type of attack that relies on economics, not coding vulnerabilities. The attacker took…