A DeFi App just got hacked for more than $300,000 in ETH and BTC as we are seeing the set of flaws in the decentralized finance space. There’s no doubt that the Defi space was central to the ETH ecosystem in 2019 but the use of Ethereum doesn’t come with its own set of disadvantages as we are reading in the Ethereum news below.
The reports indicate that on April 18th, the leading protocol, a DeFi app got hacked for a large sum of Ether and tokenized Bitcoin. According to the DeFi specialist Julien Bouteloup who is a blockchain developer as well, and attacked managed to drain the uni swap-based pool and gained more than $300,000 worth of ethereum-based tokenized version of Bitcoin as well as ETH tokens in the process, as per the reports:
“imBTC TokenIon pool on Uniswap has been attacked and drained. Simple attack vector on Uniswap [allowed them] to steal more than $300,000 in ETH + BTC.’’
After the attack, there wasn’t any analysis released but Bouteloup claimed that the exploit allowed the user to gain access to such as a large sum of crypto was explained in an audit of the Ethereum-based Uniswap protocol which was released 16 months ago. According to a GitHub post, we can see the details of the audit and the exploit involves the attacker creating a fake exchange pool which was similar to the original.
The attack was able to manipulate Uniswap and to make the price of a certain asset very cheap in the original pool which allowed him to gain access to coins at a much lower price than their actual market value. In his case, the stolen coins were tokenized bitcoins and ETH coins. This is not the first time that a user made a huge profit by leveraging bugs in Ethereum-based DeFi protocols in the past weeks. Back in February, the box protocol suffered two attacks only a few days apart. The attacks were not the same but they happened like this:
- One user takes out a flash loan of huge ETH sums.
- The flash loan means that a user is borrowing and returns the loaned capital in the same transaction
- All of the ETH was used to purchase anther ETH-based asset
- The user manipulated by changing how the protocols see the price of the ETH-based assets
- Gain access to profits because of the price oracles registering false values
The attacks led to users losing $300,000 and more than $650,000 for a total of almost $1 million.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]
Discussion about this post