Fun

‘Sophisticated’ Hacker Plunders $450,000 From Defi Protocol Balancer

News Feed - 2020-06-30 02:06:54

"Sophisticated" Hacker Plunders $450,000 From Defi Protocol Balancer


Decentralized finance (Defi) protocol ​Balancer was on Sunday hacked for more than $450,000 worth of cryptocurrency.


In two separate transactions, an attacker targeted two pools containing Ethereum-based tokens with transfer fees – or so-called deflationary tokens.


Pools with Sta and Stonk tokens were affected by this exploit, Balancer, an automated market marker protocol, said on June 29.


The hacker made off with around 601 ether, 11 wrapped bitcoin (WBTC), 22,600 chainlink (LINK), and 61,000 synthetix (SNX) – altogether totaling more than $451,000.


According to an analysis by Dex aggregator 1inch.exchange, the attacker used a smart contract to automate multiple actions in a single transaction. First, the hacker obtained a flash loan of $23 million worth of ethereum from the crypto-lending platform Dydx.


The money was used to swap Weth to Statera (Sta), a so-called deflationary token, back and forth 24 times until the Sta balance was totally drained. With Sta, at least one percent of the token is programmed to burn with every transaction.


However, the Balancer pool apparently failed to account for this mechanism. So, the Sta balance declined by one percent every time the attacker made their 24 swaps. After this, the hacker exchanged 1 weiSta, or the equivalent of a billionth of a token, to Weth several times.


Due to Sta token transfer fee implementation, the pool never received statera, but still proceeded to release the wrapped ether regardless, said 1inch. The same step was repeated to drain WBTC, SNX, and link token balances from the pool, it added.


Finally, the attacker repaid the $23 million Dydx loan. Later, they converted the Sta tokens to Balancer pool tokens and eventually into ethereum via Uniswap, which was then cashed out.


1inch noted that the attack was carried out by a “sophisticated smart contract engineer” who is deeply knowledgeable about decentralized finance and its protocols.


Balancer claimed that “we were not aware this specific type of attack was possible, [but] we have consistently…warned about the unintended effects ERC20s with transfer fees could have in the protocol.”


To prevent future attacks, the platform said that it will start to add ‘transfer fee tokens to the UI blacklist similarly to what we have done for no bool transfer tokens.”


“We will be adding more documentation around the risks of how these pools work and how broken or maliciously designed tokens can potentially drain assets from a pool,” it added.


A number of Defi platforms have been hacked this year.​ In February, Bzx protocol was attacked twice while Maker lost around $8.3 million in March. Uniswap and Dforce were drained of $300,000 and $25 million, respectively, although this later amount was returned by the hacker in April.


What do you think about the Balancer pool hack? Let us know in the comments section below.Skeptics Concerned Plustoken Scammers Plan to Dump $187M Worth of EthereumALTCOINS | 1 day agoYield Farming Pool Concept May Solidify Ethereum"s Role as BTC"s Main SidechainALTCOINS | 3 days agoTags in this story1inch, Balancer pool hack, decentralized finance, Dforce, ERC20 Tokens, hacked, Maker, uniswap


Image Credits: Shutterstock, Pixabay, Wiki CommonsSpot-markets for Bitcoin, Bitcoin Cash, Ripple, Litecoin and more. Start your trading here.Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.Read disclaimer Show comments

News Feed

Crypto Exchange Bybit Does Not Plan to Sanction Russian Users Despite MAS Call, Report
Crypto Exchange Bybit Does Not Plan to Sanction Russian Users Despite MAS Call, Report Cryptocurrency exchange Bybit has no intention to introduce restrictions for Russian traders,
Crypto Analyst Predicts Major Price Crash For Shiba Inu, But It’s Not All Bad News
Este artículo también está disponible en español. Crypto analyst MadWhale has predicted that the Shiba Inu price could suffer a significant crash soon enough. Based on th
Halving & Burns on BitGesell – the Optimal Combination for Scarcity and Value in the Crypto Age
Halving & Burns on BitGesell - the Optimal Combination for Scarcity and Value in the Crypto Age BitGesell represents a deflationary cryptocurrency that closely r
Bitcoin, Ethereum Technical Analysis: ETH Lower, as USD Gains Following Strong Q3 Earnings
Bitcoin, Ethereum Technical Analysis: ETH Lower, as USD Gains Following Strong Q3 Earnings Ethereum was back below the $1,300 level on Wednesday, as the U.S. dollar rose following
Biggest Movers: LTC Moves to 6-Month High, SOL up Nearly 20%
Biggest Movers: LTC Moves to 6-Month High, SOL up Nearly 20% Litecoin extended recent gains on Nov. 23, with the token climbing to its highest point since May. The move saw prices
Tom Blackstone7 hours agoOKX launches Ethereum layer-2 testnet using ZK-based Polygon CDKThe “X1” network will be part of the Polygon ecosystem and use zero-knowledge proofs to bridge assets from Ethereum.2068 Total
Silk Road Bitcoin Seizure: Analytics Firm Claims Tokens Worth Millions Still Outstanding
Silk Road Bitcoin Seizure: Analytics Firm Claims Tokens Worth Millions Still Outstanding Analytics firm Coinfirm says the US Department of Justice (DOJ)’s
Billionaire Stan Druckenmiller Prefers Bitcoin Over Gold in ‘Inflationary Bull Market’
Billionaire Stan Druckenmiller Prefers Bitcoin Over Gold in "Inflationary Bull Market" Renowned billionaire hedge fund manager Stanley Druckenmiller says that in an inflationary bu
Santander to Offer Cryptocurrency Services in Brazil in the Coming Months
Santander to Offer Cryptocurrency Services in Brazil in the Coming Months Santander, one of the biggest banking institutions in the world, has announced it will start offering cryp
Cryptocurrency Gaining Mainstream Interest as Payment Option: Report
Cryptocurrency Gaining Mainstream Interest as Payment Option: Report Cryptocurrency is gaining mainstream traction among consumers who want to use it for purchas
5 Crypto Presales Trending This January You Don’t Want to Miss
Este artículo también está disponible en español. There have been some heavy-belt XRP ($XRP) and Dogecoin ($DOGE) buyers in the last two days, for a combined total of $2.
Bitcoin Consolidates Below Resistance — Can It Seal A Weekly Close Over $107,720?
Reason to trust Strict editorial policy that focuses on accuracy, relevance, and impartiality Created by industry experts and meticulously reviewed The highest standards in reporting and pu