> For the complete documentation index, see [llms.txt](https://www.digitalnations.xyz/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://www.digitalnations.xyz/web3-overview/the-web3-ecosystem/daos/problems-with-daos/hacks-and-scams.md). # Hacks and Scams Crime is an ongoing problem in the cryptocurrency space and DAOs are not immune. According to blockchain data firm [Chainalysis](https://go.chainalysis.com/2022-Crypto-Crime-Report.html), over $14B was stolen in 2021 across the broader ecosystem. **Criminals Received Over $14B in Cryptocurrencies in 2021**

Source: Chainalysis 2022 Crypto Crime Report

Three of the most popular methods used by criminals include: * Malware: Malicious software that infiltrates a user’s computer, generally gaining access to his or her private keys * Code Exploits: Occur when coders find a vulnerability in a smart contract and leverage that to siphon funds to their own address * Scams: Utilize social engineering to deceive users and steal funds (e.g. a Ponzi Scheme) Let’s take a deeper look into each of these categories below: ## **Malware** Malware was responsible for over $3B of losses in 2021. **Malware Cost Users $3.2B in 2021**

Source: Chainalysis 2022 Crypto Crime Report

The most popular methods used by hackers include: * **Cryptojacking:** The unauthorized use of someone else's computer to mine cryptocurrency. Technically, cryptojackers are stealing computing power (and therefore electricity), but this can be given a numerical value. * **Trojans:** Viruses that look like legitimate programs but instead infiltrate a users computer to steal important data such as a person’s private keys * **Clippers:** Clipping is the process of inserting new text into a user’s clipboard. Hackers use this to insert the address of their crypto wallets, so when a user goes to transfer funds it is redirected to the hacker (note: always triple check the address you’re sending to!) * **Info Stealers:** Collect saved files, autocomplete history and seed phrases from compromised computers. ## **Code Exploit** Like any piece of software, smart contracts with poorly written code have significant vulnerabilities. This is common across the cryptocurrency sphere and the DeFi, NFT, Smart Contract and Web3 spaces all suffered hacks. DAOs will not be the exception to the rule. Projects lost hundreds of millions to hacks in 2021. Notable exploits include: **Notable Hacks in 2021**

Source: Chainalysis 2022 Crypto Crime Report

Ironically the first DAO, known simply as “The DAO”, was the victim of an exploit. The project launched in 2016 and raised $150 million worth of Ether. Less than three months after launching, it was hacked, causing the project to lose $60 million. The DAO hack caused controversy on many levels in the space. Notably, there was a debate on whether or not to reverse the transaction. Doing so would effectively return the funds, but also go against the spirit of decentralization and set a poor precedent. Voters ultimately decided to reverse the attack, “forking” Ethereum blockchain into: * Ethereum: The version that restores the funds lost in the attack to their original addresses. This is the chain that most people use today * Ethereum Classic: The original chain that preserves the hack. Classic is much less popular and trades at approximately 1% of the value of ETH Although the funds were restored, the hacker did not lose out entirely, as he or she still retains possession of Ethereum Classic coins which are now worth $8.5 million. ## **Scams** Outright scams were the largest source of cryptocurrency-based crime, costing users over $7.7B. **Scammers Stole $7.7B in 2021**

Source: Chainalysis 2022 Crypto Crime Report

While there are multiple types of scams in the crypto world (e.g. ponzi schemes, pump-and-dumps), a new form gaining notoriety is the “rug pull”. Rug pulls (aka “rugs”) occur when a founder creates a project with the intent to abandon it and run off with the investor’s funds. Critics argue that the hype around the space, lack of investor protections, ability for founders to remain anonymous and self-custody of funds provide an ideal breeding ground for these types of scams. Indeed, rugs cost investors billions and accounted for 37% of the total crypto scams in 2021 (up from 1% in 2020). They have infected nearly every vertical including DAOs, DeFi, NFTs and cryptocurrencies. Notable projects accused of rug pulling are AnibusDAO, Thordex, Uranium Finance, Meerkat Finance, SnowdogDAO , Squid Game Token and Evolved Apes. While DAOs definitely face a host of problems, they honestly don’t concern me too much. We are still very early and lots of smart people are working hard on finding solutions. In fact, serious problems at this stage of development are to be expected – that’s the nature of disruption. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://www.digitalnations.xyz/web3-overview/the-web3-ecosystem/daos/problems-with-daos/hacks-and-scams.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.