DeFi protocol bZx suffers from phishing attack, loss of approximately $ 55 million
The area of decentralized financing is growing rapidly. The total value locked in DeFi is over $ 250 billion at the time of writing. However, such a growth rate also has many negative effects on the ecosystem.
In the first 4 months of 2021, the DeFi sector lost around $ 240 million. These are only publicly reported cases, so actual damage estimates can run into billions.
bZx, a DeFi protocol based on both Ethereum and Binance Smart Chain, has become the latest victim of a $ 55 million miner due to a developer error.
have bZx operators tweets:
“It appears that the private key that controls the deployment on Polygon and BSC has been compromised, resulting in the loss of funds. The implementation on Ethereum is controlled by the DAO and is not affected. We will announce more details shortly.
Today’s incident is not a log hack. It is a phishing attack against the bZx developer. bZx on Ethereum is not compromised, only BSC + Polygon. Our fund is very strong and the community will decide the amount of compensation. The incident is being investigated. ”
The Ethereum implementation, governance and the DAO treasury of the protocol are all unaffected as the private key for the Ethereum implementation of bZx is secured by a multi-party contract and is regulated by the DAO.
follow estimate from security firm Slow Mist, “stolen more than $ 55 million to date”.
The source: Slow fog
About 25% of the said amount was withdrawn from the wallet. The rest belongs to the user.
“We are still investigating this incident. If you approved a token for the bZx contract on Polygon or BSC, please cancel the approval asap, ”the team said.
In addition, the protocol temporarily disables the BSC and Polygon user interface. Meanwhile, the application on Ethereum continues to work normally.
After this unfortunate event, the protocol team was quickly attacked announced Add some information to be updated for users. They said the incident was not a protocol hack. It was a phishing attack aimed at a bZx developer.
“A bZx developer revealed his private key to his private wallet in a phishing attack. The incident is similar to the recent attack on another user named “mgnr.io”.
This attack gave the hacker access to assets in the bZx developer’s wallet as well as the private keys of the bZx protocol implementations on BSC and Polygon. Needless to say, the hacker pulled funds out of the log from BSC and Polygon.
In addition, the team also tracked the hacker’s IP address from the log of the bZx application and the KuCoin account log.
The source: bZx.network
This isn’t the first hack for this protocol. They also encountered similar illegal activity in a margin loan exploit last year. After that, the team claimed they got the money back.
Overall, projects based on Binance Smart Chain and Polygon were hacked several times in the past year. For example, the ranking of decentralized trading protocols on Binance Smart Chain was hacked, resulting in losses of around $ 139 million.
Join Bitcoin Magazine Telegram to keep track of news and comment on this article: https://t.me/coincunews
At home at home
follow AZCoin News