DFX Finance Was Hacked For $7.5 Million

DFX Finance, a decentralized exchange mechanism for stablecoins linked to the dollar, reported being attacked. Security researchers at BlockSec estimate that an unidentified attacker stole about $7.5 million from DFX.

The DFX Finance team acknowledged the security exploit and said it has paused all of its smart contracts to contain the issue. “We were notified of the suspicious activity within 20-30 mins of the first transaction and executed a pause on all DFX contracts within a few minutes after confirming the attack,” it said.

The incident appeared to be a flash-loan-enabled attack that permitted the hacker to take money from DFX for harmful purposes. Only $4.3 million of the $7.5 million in stolen assets could be transferred by the attacker into their wallet, including $500,000 in stablecoins and 2963 ether ($3.8 million).

About $3.2 million of the remaining stolen assets were taken by a MEV bot in a front-running transaction, often known as a sandwich assault. If the bot operator is willing, the monies that were harvested by the bot can be restored from an address under their control. The operator has previously been requested to return them by DFX Finance.

The hacker took advantage of a flaky flash-loan system that DFX Finance was providing on the Ethereum blockchain. A flash loan is a feature that allows users to borrow huge amounts of bitcoin without providing any security, but only if they return the money in the same transaction.

During the attack, the attacker borrowed stablecoins from DFX Finance and used a “insecure callback function” to avoid its flash-loan checks to deposit them back into DFX’s liquidity pools. The attacker still had liquidity pool tokens after the flash loan, which they sold.

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join us to keep track of news: https://linktr.ee/coincu

Website: coincu.com

Annie

CoinCu News