Scam Alert

The Total Damage Of Sentiment Exploitation Come To Nearly $1 Million

Key Points:

  • On April 4, the Sentiment liquidity mechanism on the Arbitrum blockchain was attacked for over $1 million in different tokens.
  • To carry out the theft, the exploiter seems to have exploited a re-entry vulnerability.
  • Sentiment contacted the hacker and offered them 10% of the stolen monies as a reward.
Detailed investigation revealed that DeFi lending protocol Sentiment liquidity protocol on the Arbitrum blockchain was attacked on April 4 for almost $1 million in various tokens, including wrapped Bitcoin and Ether, and several different stablecoins.
The Total Damage Of Sentiment Exploitation Come To Nearly $1 Million 2

The attacker seems to have stolen the tokens via a re-entrancy vulnerability, then switched them and bridged them to the Ethereum main chain.

According to CertiK, the fundamental reason is Balancer’s read-only reentry.

In order to determine the price, the price oracle employed depends on the balances of the assets in the pool and the total quantity of the LP tokens (B-33WETH-33WBTC-33USDC).

To influence the price, the exploiter used 606 WBTC, 10,000 WETH, and 18 million USDC to use the Balancer vault’s ‘joinPool’ function, increasing the overall supply of the LP coin. He then withdrew the funds by using ‘exitPool(),’ which sent 606.8 WBTC, 1,000 ETH, and 17.9 million USDC consecutively.

Among these transactions, moving ETH back will activate the exploiter contract’s fallback feature. Since the overall supply is reduced in the fallback function, but the recorded balances of WBTC, WETH, and USDC are not changed in the pool, the price is tilted, and the attacker may borrow numerous assets at the slanted price.

Sentiment is now examining the protocol’s stolen cash. The team has made efforts to determine the core cause of the breach and prevent the possibility of subsequent losses. The team has contacted law enforcement and has collaborated with third-party auditors and security organizations.

Sentiment sent a message to the hacker a few hours ago, promising to let them retain 10% of the stolen monies as a reward if they returned the remainder. The letter promised a $95,000 payment if the assets were returned before 8 a.m. UTC on April 6. If the prize is not returned, Sentiment will be distributed to individuals who provide information on the hacker.

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join us to keep track of news: https://linktr.ee/coincu

Harold

Coincu News

Harold

With a passion for untangling the complexities of the financial world, I've spent over four years in financial journalism, covering everything from traditional equities to the cutting edge of venture capital. "The financial markets are a fascinating puzzle," I often say, "and I love helping people make sense of them." That's what drives me to bring clear and insightful financial journalism to the readers of Coincu.

Recent Posts

Gate.io Shatters Records in Total Trading Volume in Q3 2024, with Its User Base Surpassing 17 Million

In the third quarter of 2024, despite a challenging market environment, Gate.io maintained strong growth…

19 mins ago

MEXC Champions the Future of Crypto Content Creation at CCCC

MEXC is proud to partner with the inaugural Crypto Content Creator Campus CCCC event, taking…

19 mins ago

Dtec Announces Global Partnership with DİZAYNVIP to Elevate AI-Driven Mobility Design  

Dtec and DİZAYNVIP partner to merge AI technology with luxury vehicle design, revolutionizing smart mobility…

1 hour ago

Bitcoin Spot ETF Outflows Reach Second Highest in History

Bitcoin Spot ETF Outflows hit $541M on November 4, the second-highest single-day outflow in history.…

5 hours ago

PropiChain’s Token Presale Turns Heads as the First DeFi Platform to Merge NFTs with AI 

The hype around PropiChain’s token presale is due to its innovative integration of NFTs and…

8 hours ago

UK Pension Fund Cartwright Encourages 3% Allocation to Bitcoin Investment

UK pension fund Cartwright advised the country's first defined benefit pension fund to allocate 3%…

10 hours ago

This website uses cookies.