Grim Finance is the latest Defi protocol to get hacked and drained out of $30 million worth of Tokens as we can see more today in our latest cryptocurrency news.
Grim Finance is a computing yield optimizer that is built on the Fantom Opera Blockchain. Now, Grim Finance is the latest victim in a multimillion-dollar exploit that ended up losing $30 million worth of tokens. The DeFi protocol confirmed the attack and according to the tweet, the Exploit was found in the vault contract so all of the vaults and deposited funds are at risk. Grim calls itself a compounding yield optimizer which means it promises to wring more value from liquidity provider tokens so that the users receive from decentralized exchanges if they lock them up in the vault. The platform touts in its protocol documentation as it helps users get more rewards with no hassle.
Hello Grim Community,
It is with heavy hearts that we inform you that our platform was exploited today by an external attacker roughly 6 hours ago. The attackers address has been identified with over 30 million dollars worth of theft here https://t.co/qA3iBTSepb
— Grim Finance (@financegrim) December 19, 2021
The protocol is built atop the Fantom Opera Blockchain which is a smart contract-enabled platform that is built using the Solidity language and is also compatible with Ethereum. The hacker used a reentrancy attack whcih allows someone to fake the deposits into the vault while in an initial transaction it is still going and tricks the protocol along the way. Grim tweeted that the hacker already laundered the funds via a stablecoin transfer:
“We have contacted and notified Circle (USDC), DAI, and AnySwap regarding the attacker address to potentially freeze any further fund transfers.”
A Defi watchdog group Rugdoc.io said that Grim Finance should have known better and a reentrancy guard. The platform tweeted:
“Hopefully all projects can draw lessons from this incident that there is much knowledge most experienced solidity devs have at hand. If you haven’t acquired this yet, don’t build multi-million dollar projects. Don’t get audits from companies which everyone knows are useless.”
Grim shared the audit of the finance token and vault contracts from Solidity Finance and according to the report, the Reentrancy Guard is used in relevant locations to prevent these types of attacks. All of the deposits into grim Finance vaults are paused to prevent further theft.
As recently reported, A hacker stole $140M from Polygon’s Vulcan Forged gaming platform which is a blockchain game studio that runs a decentralized exchange and NFT marketplace to complement the play-to-earn titles
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]
Discussion about this post