The bug the Onyx Protocol hacker exploited to steal $2.1 million was previously used by a hacker to extort $7 million from Hundred Finance.
1827 Total views
17 Total shares
Decentralized peer-to-peer lending platform Onyx Protocol lost roughly $2.1 million in an exploit of a market with no liquidity that was deployed on Oct. 27.
The Onyx Protocol hacker exploited a known bug, a rounding issue behind the popular CompoundV2 fork, explained blockchain investigator PeckShield soon after alerting about the hack that went unnoticed by the protocol.
#PeckShieldAlert @OnyxProtocol has been exploited for ~2.1M pic.twitter.com/5Z50tCg6MD
— PeckShieldAlert (@PeckShieldAlert) November 1, 2023
The alleged liquidity lacking oPEPE market was “abused with donation to borrow funds from other markets with liquidity,” found PeckShield’s independent investigation on the matter.
“The donated funds were then redeemed by exploiting the known rounding issue.”
Previously, on April 16, an attacker exploited the same bug to steal $7 million from multichain lending protocol Hundred Finance.
— CertiK Alert (@CertiKAlert) April 15, 2023#CertiKSkynetAlert @HundredFinance’s attacker manipulated the exchange rate between ERC-20 tokens and htokens which allowed them to withdraw more tokens than they had originally deposited. The estimated losses of this attack is around $7.4 million.
Stay vigilant! https://t.co/1hxAnFoNjj
In Hundred’s case, the attacker manipulated the exchange rate between ERC-20 tokens and hTOKENS, allowing them to withdraw more tokens than originally deposited, according to CertiK.
Related: Crypto thief steals $4.4M in a day as toll rises from LastPass breach
Consistent hack attempts from bad actors require a greater understanding of the art of tracking cryptocurrencies.
A recent Cointelegraph Research article details the various methods that can be used to fortify crypto security with blockchain analysis. As explained, tracking stolen crypto using blockchain analysis broadly involves six major steps: transaction tracing, address clustering, behavioral analysis, pattern recognition, regulatory vigilance and collaboration.
Magazine: Slumdog billionaire: Incredible rags-to-riches tale of Polygon’s Sandeep Nailwal
Author: Steven Garcia
Last Updated: 1700166362
Views: 900
Rating: 3.8 / 5 (47 voted)
Reviews: 95% of readers found this page helpful
Name: Steven Garcia
Birthday: 1954-04-06
Address: 11808 Alexis Island Suite 923, Ramirezside, WA 01746
Phone: +4540447706247958
Job: Physiotherapist
Hobby: Poker, Beekeeping, Robotics, Orienteering, Skiing, Drone Flying, Scuba Diving
Introduction: My name is Steven Garcia, I am a fearless, rare, forthright, skilled, rich, dear, expert person who loves writing and wants to share my knowledge and understanding with you.