The DeFi protocol StakeSteak on the Fantom network announced an exploit that allowed hackers to steal a large amount of the platform’s STEAK tokens, dropping the price by up to 99%.
The Fantom network, which aims to keep the prices of the stablecoins fUSD and USDC stable, just experienced an exploit after hackers stole a private key from one of their repositories on Github. The same thing has happened for more than 5 months, the protocol developers revealed in a detailed published study publication yesterday (October 5th).
“Attackers were able to gain access to the STEAK implementer’s account based on the private keys that were displayed on Github when the public steak contracts were first committed on May 19th.”
Two different accounts were used to exploit the vulnerability. The first attacker burned around 140,823 STEAK from the liquidity provider when the 5 million STEAK supply was pre-mined. They were then able to transfer the same amount of STEAK from the compromised deployer’s account to their own.
You then devalue liquidity provider tokens for the STEAK-FTM liquidity pool and withdraw funds from several developer wallets. They picked up 80,636 FTMs valued at $ 115,309.
The second attacker minted an additional 30,000 STEAK while stealing 18,386 fUSD-USDC LP, 9,719 USDC, and 387 FTM from the STEAK warehouse. A total of 81,351 USDC flew in color.
The STEAKs coined by the attackers were brought to market, which resulted in a decrease of almost 93% within a few minutes. At the time of writing, STEAK is down 99% of its value and is trading at $ 0.045, down from $ 4.84 before the hack.
Source: TradingView
The trading volume of STEAK also increased by 1,062.41%. Though StakeSteak developers have warned users not to “buy” STEAK tokens on Twitter.
https://twitter.com/FTMAlerts/status/1445015489042919426?ref_src=twsrc%5Etfw” target=”_blank” rel=”nofollow noopener“Don’t buy STEAK tokens, folks. If the PK is inactive, the token cannot be revived unless a new token is provided.
In this particular case, buying a dip is not a wise choice. “
Unlike previous crypto hacks, StakeSteak cannot be easily fixed. If the private key is compromised, the only way for developers to recover it is to create and deploy a new contract. They decided to rename the protocol as part of their recovery plan as they wanted to move “from staking STEAK” to “more useful and practical products”.
The developers wanted to come up with a new name for the protocol and make it more professional, so they asked the community to vote.
StakeSteak explains the compensation plan after the hack. The snapshot taken before the crash counts for all STEAK token holders, including xSTEAK, STEAK-FTM LP, STEAK-fUSD, STEAK-iFUSD, and STEAK-FTM. Tokens of the addresses in the snapshot are converted into the new token accordingly. However, LP is better compensated.
Just a week ago, another DeFi protocol, Compound Finance, was exploited through a bug in an update to the distribution mechanism, which resulted in more than $ 80 million in funds being compromised. Although the StakeSteak attack is much smaller, it indicates a worrying trend in protocol vulnerabilities.
Join Bitcoin Magazine Telegram to keep track of news and comment on this article: https://t.me/coincunews
Teacher
According to AMBCrypto
Follow the Youtube Channel | Subscribe to telegram channel | Follow the Facebook page
Bitcoin Spot ETF Outflows hit $541M on November 4, the second-highest single-day outflow in history.…
The hype around PropiChain’s token presale is due to its innovative integration of NFTs and…
UK pension fund Cartwright advised the country's first defined benefit pension fund to allocate 3%…
a16z and Coinbase have pledged substantial funds to crypto PAC Fairshake, aiming to support crypto-friendly…
Bitcoin (BTC), Ethereum (ETH), and Solana (SOL) dominate the crypto market, but experts warn that…
Discover the future as the Dogecoin price aims for a $0.7 comeback and discover why…
This website uses cookies.