Langsung ke konten utama

‘Sophisticated’ Hacker Plunders $450,000 From Defi Protocol Balancer

'Sophisticated' Hacker Plunders $450,000 From Defi Protocol Balancer

Decentralized finance (Defi) protocol ​Balancer was on Sunday hacked for more than $450,000 worth of cryptocurrency.

In two separate transactions, an attacker targeted two pools containing Ethereum-based tokens with transfer fees – or so-called deflationary tokens.

Pools with Sta and Stonk tokens were affected by this exploit, Balancer, an automated market marker protocol, said on June 29.

The hacker made off with around 601 ether, 11 wrapped bitcoin (WBTC), 22,600 chainlink (LINK), and 61,000 synthetix (SNX) – altogether totaling more than $451,000.

According to an analysis by Dex aggregator 1inch.exchange, the attacker used a smart contract to automate multiple actions in a single transaction. First, the hacker obtained a flash loan of $23 million worth of ethereum from the crypto-lending platform Dydx.

The money was used to swap Weth to Statera (Sta), a so-called deflationary token, back and forth 24 times until the Sta balance was totally drained. With Sta, at least one percent of the token is programmed to burn with every transaction.

However, the Balancer pool apparently failed to account for this mechanism. So, the Sta balance declined by one percent every time the attacker made their 24 swaps. After this, the hacker exchanged 1 weiSta, or the equivalent of a billionth of a token, to Weth several times.

Due to Sta token transfer fee implementation, the pool never received statera, but still proceeded to release the wrapped ether regardless, said 1inch. The same step was repeated to drain WBTC, SNX, and link token balances from the pool, it added.

Finally, the attacker repaid the $23 million Dydx loan. Later, they converted the Sta tokens to Balancer pool tokens and eventually into ethereum via Uniswap, which was then cashed out.

1inch noted that the attack was carried out by a “sophisticated smart contract engineer” who is deeply knowledgeable about decentralized finance and its protocols.

Balancer claimed that “we were not aware this specific type of attack was possible, [but] we have consistently…warned about the unintended effects ERC20s with transfer fees could have in the protocol.”

To prevent future attacks, the platform said that it will start to add ‘transfer fee tokens to the UI blacklist similarly to what we have done for no bool transfer tokens.”

“We will be adding more documentation around the risks of how these pools work and how broken or maliciously designed tokens can potentially drain assets from a pool,” it added.

A number of Defi platforms have been hacked this year.​ In February, Bzx protocol was attacked twice while Maker lost around $8.3 million in March. Uniswap and Dforce were drained of $300,000 and $25 million, respectively, although this later amount was returned by the hacker in April.

What do you think about the Balancer pool hack? Let us know in the comments section below.

The post ‘Sophisticated’ Hacker Plunders $450,000 From Defi Protocol Balancer appeared first on Bitcoin News.



source https://news.bitcoin.com/sophisticated-hacker-plunders-450000-from-defi-protocol-balancer/

Label

Label:

Komentar

Posting Komentar

Postingan populer dari blog ini

Barry Silbert Resigns as Chairman of Grayscale Investments

Digital Currency Group (DCG) founder Barry Silbert has resigned from his position as the chairman of Grayscale Investments. Current DCG chief financial officer Mark Shifke succeeds Silbert and is joined by Edward McGee and Matthew Kummell as members of the new look board. Preparing for Grayscale’s Next Chapter Barry Silbert, the founder and CEO of Digital Currency Group, has resigned from his position as chairman of the digital asset management company Grayscale and will be replaced by Mark Shifke. According to the company’s filing with the Securities and Exchange Commission (SEC), starting Jan. 1, 2024, Grayscale’s board will be composed of Mark Shifke, Matthew Kummell, and Edward McGee. Current Grayscale Investments CEO Michael Sonnenshein is also a board member, while Mark Murphy, the president of Digital Currency Group (DCG), departs alongside Silbert. Commenting on the changes to the board, an unidentified Grayscale spokeswoman reportedly said: “Grayscale and our investors ...
Posting Komentar
Baca selengkapnya

Bitcoin 2024: Ten Months in Review, Key Milestones, and Expert Predictions for Year-End

As of Nov. 11, 2024, bitcoin (BTC), the undisputed crypto heavyweight, has enjoyed a phenomenal year. Over the last ten months, it has been breaking records across the board. From hashrates to daily transaction peaks, price surges, and making an impact in non-fungible tokens (NFTs) and decentralized finance (defi), BTC has been on a non-stop […] source https://news.bitcoin.com/bitcoin-2024-ten-months-in-review-key-milestones-and-expert-predictions-for-year-end/
Posting Komentar
Baca selengkapnya

Cryptoquant CEO: US Strategic Bitcoin Reserve Adoption Unlikely Amid Economic Strength

Since Donald Trump was elected the 47th President of the United States, bitcoin advocates have faced skepticism about whether his administration and the forthcoming Congress would introduce a strategic bitcoin reserve. Cryptoquant CEO: ‘Bitcoin Standard’ Needs U.S. Economic Decline to Gain Traction Ki Young Ju, CEO of Cryptoquant, took to social media to voice his […] source https://news.bitcoin.com/cryptoquant-ceo-us-strategic-bitcoin-reserve-adoption-unlikely-amid-economic-strength/
Posting Komentar
Baca selengkapnya