Fun

DeFi protocol removed an important line of code that led to a $212K hack

News Feed - 2024-08-02 01:08:57

Brayden Lindrea4 hours agoDeFi protocol removed an important line of code that led to a $212K hackThe attack occurred around 3 am UTC on Aug. 1, leading Convergence’s native token CVG to plummet over 99%.1343 Total views2 Total sharesListen to article 0:00NewsOwn this piece of crypto historyCollect this article as NFTCOINTELEGRAPH IN YOUR SOCIAL FEEDFollow ourSubscribe onDecentralized finance protocol Convergence has confirmed it was hacked via a smart contract exploit on Aug. 1, with a hacker minting and selling $210 million in its native token, as well as stealing $2,000 in unclaimed staking rewards.


According to a newly released post-mortem from Wireshark, the pseudonymous founder of the Convergence protocol, the hacker exploited the protocol’s CvxRewardDistributor contract, allowing them to mint and sell 58 million CVG tokens for approximately $210,000.


The hacker also stole approximately $2,000 of unclaimed rewards from Convex, a DeFi protocol designed to maximize rewards for Curve liquidity providers.


According to Etherscan, the attack occurred on Aug. 1 at around 3:00 am UTC.


Blockchain security firm PeckShield noted that after minting the CVG tokens, the hacker quickly swapped it into 60 wrapped-Ether and 15,900 Curve.fi FRAX.


The movements have since led to a near-100% price wipeout of the CVG governance token, which is now trading at $0.0004 with a market cap of just $57,000. CoinMarketCap data shows.Source:PeckShieldHow the hack happened


Convergence said the attack was possible because the team accidentally removed an essential line of code in its smart contract, which distributes CVG staking rewards. They made the change after the smart contract code was audited four times. 


“The modification (gas-optimization on the first hand) led us to remove the line of code that was checking the input given to the function,” it explained. 


The hacker used this to exploit the CvxRewardDistributor contract through the claimMultipleStaking function.


This meant the staking contract couldn’t be validated, allowing the hacker to pass a separate malicious contract with the same signature as the claimCvgCvxMultiple function.


The hacker then minted all tokens dedicated to staking emissions and then dumped them into CVG liquidity pools, Convergence said. “We apologize to our community and investors, and we take full responsibility for what happened.”


Related:Over 70% of hacked funds are lost to CeFi entities — Cyvers


Convergence says that user funds are safe, but has recommended users withdraw assets from the platform.


“Due to the exploit, the rewards contract for the Stake DAO integration is currently broken. It will be fixed, and stakers will be able to claim their rewards once it’s done. No rewards are lost for Stake DAO integration users," it said. "We will soon communicate about the possibilities for the future of the protocol."


Convergence works to aggregate liquidity, boost returns and enable liquid locking across the Curve Finance ecosystem.


The total value locked on Convergence fell from $5.79 million to $3.69 million, DefiLlama data shows.


The cryptocurrency ecosystem lost around $266 million to hacks in July, mostly coming from the $230 million hack of Indian trading platform WazirX on July 18.


Magazine:THORChain founder and his plan to ‘vampire attack’ all of DeFi# Altcoin# Smart Contracts# Hackers# Hacks# DeFi# LiquidityAdd reaction

News Feed

Bloxmith Launches Raiders Rumble, a Mobile Strategy Game for Both Web2 and Web3 Gamers, on the Flow Blockchain
Bloxmith Launches Raiders Rumble, a Mobile Strategy Game for Both Web2 and Web3 Gamers, on the Flow Blockchain press release PRESS RELEASE. Taipei, March 13, 2023 – Bloxmith, the
Cardano Whale Activity Spikes – 80 Million ADA Added In 48 Hours
Reason to trust Strict editorial policy that focuses on accuracy, relevance, and impartiality Created by industry experts and meticulously reviewed The highest standards in reporting and pu
Biggest Movers: SHIB 20% Higher, as DOGE Hits 5-Month High
Biggest Movers: SHIB 20% Higher, as DOGE Hits 5-Month High Meme coins were trading significantly higher on Saturday, as both shiba inu and dogecoin rose by over 20%. Shiba inu rall
The next SEC chair must be named before US election — Tyler Winklevoss
Ciaran Lyons4 hours agoThe next SEC chair must be named before US election — Tyler WinklevossGemini co-founder Tyler Winklevoss argues that the cryptocurrency industry should not "tolerate any possibility of a rep
Solana Rallies Into Pivotal Zone – $180 Level Could Define Next Move
Reason to trust Strict editorial policy that focuses on accuracy, relevance, and impartiality Created by industry experts and meticulously reviewed The highest standards in reporting and pu
Polymarket monthly volume hits $100M as presidential race heats up
Brayden Lindrea7 hours agoPolymarket monthly volume hits $100M as presidential race heats upOver $200 million worth of bets have been placed on who will win the United States presidential election in November.4913 Total
Bitcoin, Ethereum Technical Analysis: ETH Rebounds on Thursday, Less Than a Week Before ‘The Merge’
Bitcoin, Ethereum Technical Analysis: ETH Rebounds on Thursday, Less Than a Week Before "The Merge" Ethereum was back in the green on Thursday, as bulls returned to action followin
New daily Runes etched on Bitcoin falls 99% from post-halving peak
Brayden Lindrea5 hours agoNew daily Runes etched on Bitcoin falls 99% from post-halving peakOnly 157 new Runes were etched on Bitcoin on May 13, which contributed to just $3,835 in transaction fees paid to Bitcoin miners
Is Bitcoin a scam? 5 myths surrounding BTC and how to debunk them
Marco Castrovilli4 hours agoIs Bitcoin a scam? 5 myths surrounding BTC and how to debunk themIn our latest video, we delve into the five most prevalent myths about Bitcoin, meticulously separating fact from fiction.1191
India’s Warren Buffett Wants Regulators to Ban Bitcoin and Focus on Digital Rupee
India"s Warren Buffett Wants Regulators to Ban Bitcoin and Focus on Digital Rupee Indian billionaire Rakesh Jhunjhunwala, sometimes referred to as the Warren Buf
LBank Exchange Will List Apollo Inu (APOLLO) on March 9, 2022
LBank Exchange Will List Apollo Inu (APOLLO) on March 9, 2022 press release PRESS RELEASE. INTERNET CITY, DUBAI, March. 5, 2022 – LBank Exchange, a global digital asset tradi
A 20%-30% Correction Is ‘The Most Bullish Thing’ That Could Happen To Bitcoin – Analyst
Este artículo también está disponible en español. Bitcoin is navigating turbulent waters as its price continues to slide, searching for a stable support level amid growin