Hundred Finance, a DeFi lending platform, lost over 2363 ETH (about $6.5 million) in a reentrancy attack on March 16. SlowMist, a blockchain security firm, tweeted about the assault, breaking it down and displaying the movement of assets.
The hacker employed the Tornado Cash mixing service to hide the trail of the payments, which is common among bad actors carrying out similar assaults. The hacker’s address sent cash to the Gnosis network, where they were used to establish fraudulent contracts that borrowed millions in flash loans from SushiSwap as collateral on Hundred Finance.
They then took advantage of a defect in the loan contract, borrowed more than their collateral offered, and continued to do so until millions were created. These funds were converted to ETH before being returned to the Ethereum network.
SlowMist advised teams to be cautious when utilizing non-ERC20 token contracts and to check to see whether they are compatible. It also suggested that:
“contract amounts should be recorded before token transfers, and the Checks-Effects-Interactions rules should be followed to avoid issues like this in the future.”
2022 has already seen multiple attacks in the DeFi sector, and it’s easy to understand why: hackers recognize a lot to be gained from the numerous projects expanding in TVL on a daily basis.
This is another another reentry assault on a DeFi project that has a history of being exploited. Hackers have long exploited flaws in smart contracts to drain revenue, creating a massive headache for teams.
Grim Finance lost $30 million in a similar attack last year, as did Cream Finance, which was targeted three times in 2021. According to CertiK, a security organization that examines smart contracts, 44 DeFi attacks will occur in 2021 as a result of centralization.
Crypto insurance is one solution that has been presented to help with the situation. However, this has yet to completely take effect, and investors continue to lose money. The most critical step that projects can take is to guarantee that their smart contract works properly. When it comes to investing these days, this has become a critical decision.
Join CoinCu Telegram to keep track of news: https://t.me/coincunews
Follow CoinCu Youtube Channel | Follow CoinCu Facebook page
Patrick
CoinCu News
Bitcoin Spot ETF Outflows hit $541M on November 4, the second-highest single-day outflow in history.…
The hype around PropiChain’s token presale is due to its innovative integration of NFTs and…
UK pension fund Cartwright advised the country's first defined benefit pension fund to allocate 3%…
a16z and Coinbase have pledged substantial funds to crypto PAC Fairshake, aiming to support crypto-friendly…
Bitcoin (BTC), Ethereum (ETH), and Solana (SOL) dominate the crypto market, but experts warn that…
Discover the future as the Dogecoin price aims for a $0.7 comeback and discover why…
This website uses cookies.