Fun

DeFi protocol removed an important line of code that led to a $212K hack

News Feed - 2024-08-02 01:08:57

Brayden Lindrea4 hours agoDeFi protocol removed an important line of code that led to a $212K hackThe attack occurred around 3 am UTC on Aug. 1, leading Convergence’s native token CVG to plummet over 99%.1343 Total views2 Total sharesListen to article 0:00NewsOwn this piece of crypto historyCollect this article as NFTCOINTELEGRAPH IN YOUR SOCIAL FEEDFollow ourSubscribe onDecentralized finance protocol Convergence has confirmed it was hacked via a smart contract exploit on Aug. 1, with a hacker minting and selling $210 million in its native token, as well as stealing $2,000 in unclaimed staking rewards.


According to a newly released post-mortem from Wireshark, the pseudonymous founder of the Convergence protocol, the hacker exploited the protocol’s CvxRewardDistributor contract, allowing them to mint and sell 58 million CVG tokens for approximately $210,000.


The hacker also stole approximately $2,000 of unclaimed rewards from Convex, a DeFi protocol designed to maximize rewards for Curve liquidity providers.


According to Etherscan, the attack occurred on Aug. 1 at around 3:00 am UTC.


Blockchain security firm PeckShield noted that after minting the CVG tokens, the hacker quickly swapped it into 60 wrapped-Ether and 15,900 Curve.fi FRAX.


The movements have since led to a near-100% price wipeout of the CVG governance token, which is now trading at $0.0004 with a market cap of just $57,000. CoinMarketCap data shows.Source:PeckShieldHow the hack happened


Convergence said the attack was possible because the team accidentally removed an essential line of code in its smart contract, which distributes CVG staking rewards. They made the change after the smart contract code was audited four times. 


“The modification (gas-optimization on the first hand) led us to remove the line of code that was checking the input given to the function,” it explained. 


The hacker used this to exploit the CvxRewardDistributor contract through the claimMultipleStaking function.


This meant the staking contract couldn’t be validated, allowing the hacker to pass a separate malicious contract with the same signature as the claimCvgCvxMultiple function.


The hacker then minted all tokens dedicated to staking emissions and then dumped them into CVG liquidity pools, Convergence said. “We apologize to our community and investors, and we take full responsibility for what happened.”


Related:Over 70% of hacked funds are lost to CeFi entities — Cyvers


Convergence says that user funds are safe, but has recommended users withdraw assets from the platform.


“Due to the exploit, the rewards contract for the Stake DAO integration is currently broken. It will be fixed, and stakers will be able to claim their rewards once it’s done. No rewards are lost for Stake DAO integration users," it said. "We will soon communicate about the possibilities for the future of the protocol."


Convergence works to aggregate liquidity, boost returns and enable liquid locking across the Curve Finance ecosystem.


The total value locked on Convergence fell from $5.79 million to $3.69 million, DefiLlama data shows.


The cryptocurrency ecosystem lost around $266 million to hacks in July, mostly coming from the $230 million hack of Indian trading platform WazirX on July 18.


Magazine:THORChain founder and his plan to ‘vampire attack’ all of DeFi# Altcoin# Smart Contracts# Hackers# Hacks# DeFi# LiquidityAdd reaction

News Feed

Investment Fund Focused on Crypto Mining to Be Created in Russia
Investment Fund Focused on Crypto Mining to Be Created in Russia The establishment of Russia’s first mutual investment fund dedicated to financing cryptocurrency mining operation
ZachXBT recovers majority of $177K stolen NFT proceeds after 9-month probe
Ciaran Lyons3 hours agoZachXBT recovers majority of $177K stolen NFT proceeds after 9-month probeBlockchain investigator ZachXBT revealed that after a "lengthy process" he has retrieved the majority of the proc
Aspen Creek Digital and Compass Mining to Host Thousands of Bitcoin Mining Rigs at Texas Solar Farm
Aspen Creek Digital and Compass Mining to Host Thousands of Bitcoin Mining Rigs at Texas Solar Farm On October 26, the bitcoin mining operator Aspen Creek Digital Corporation (ACDC
Ethereum Defends Critical Demand Zone – Will ETH Rally To $3,000?
Este artículo también está disponible en español. Despite a volatile past two weeks, driven by Donald Trump’s proposed trade tariffs and higher-than-expected January 20
3 ways futures traders can use leverage and avoid liquidation losses
Marcel Pechman4 hours ago3 ways futures traders can use leverage and avoid liquidation lossesPro traders use a combination of futures trading strategies to generate profits while limiting their liquidation risk.437 Total
Soaring Sell Orders Contrast Sharply with Bitcoin’s Renewed Bull Run
Soaring Sell Orders Contrast Sharply with Bitcoin’s Renewed Bull Run Alongside the cryptocurrency’s meteoric climb over the back half of 2020 and early 2
Bitcoin, Ethereum Technical Analysis: BTC, ETH Consolidate as Some Expect Fed to Hike Rates by 1% 
Bitcoin, Ethereum Technical Analysis: BTC, ETH Consolidate as Some Expect Fed to Hike Rates by 1%  Bitcoin fell below $19,000 on Wednesday, as markets prepared for a potential 100
Elizabeth Warren Blames ‘Crypto Risk’ for Silvergate Bank’s Liquidation, Critics Dismiss Senator’s Claims as ‘Terribly Misinformed’
Elizabeth Warren Blames ‘Crypto Risk’ for Silvergate Bank"s Liquidation, Critics Dismiss Senator’s Claims as ‘Terribly Misinformed’ After Silvergate Bank announced its vo
Australian Regulator Warns Against Investing Retirement Funds in ‘High Risk’ Crypto-Assets
Australian Regulator Warns Against Investing Retirement Funds in "High Risk" Crypto-Assets An Australian regulator has warned residents seeking to self-manage their retirement fund
CEO: Coinbase Has Earned $2 Billion in Transaction Fees Since 2012
Coinbase has earned more than $2 billion in transaction fee revenue since launching in 2012, according to CEO Brian Armstrong. Speaking onstage at a Vanity Fair event, Armstrong sai
Bitcoin Entrepreneur Brock Pierce Joins the 2020 US Presidential Election
Bitcoin Entrepreneur Brock Pierce Joins the 2020 US Presidential ElectionBlockchain entrepreneur and former Disney child actor, Brock Pierce, is running for President of the United
Bank of Russia Sees No Place for Crypto in Financial Market, Finalizes Digital Ruble Prototype
Bank of Russia Sees No Place for Crypto in Financial Market, Finalizes Digital Ruble Prototype In advance of presenting its comprehensive view on crypto regulations, the Central Ba