BitRss.com latest World Crypto News

Search and discover the latest Cryptocurrency updated Stories in Categories.

24-7 World Cryptocurrency News about Blockchain, Technology and much more, only from Top Leading Sources.

Rising DeFi Protocol Balancer Loses $500,000 To Hacker In Pool Exploit

The Decentralized Finance (DeFi) ecosystem has once again come under attack as a decentralized automated market maker exchange suffered losses close to half a million dollars yesterday.
Balancer Lost $500k In Pool Vulnerability
DeFi project Balancer has lost about $500,000 worth of multiple tokens to a hacker due to a vulnerability in two of Balancer’s pools. News about the hack emerged on social media on Sunday evening, but Balancer did not issue an official report until this morning.
According to the report , the attacker only stole funds from two pools containing STA and STONK, known as “deflationary tokens” or “transfer fees.” Balancer claims the vulnerability only affects pools “where a token has these transfer fees.”
A Similar Pattern
The perpetrator adopted a similar exploitation method used on other DeFi protocols in the past. He used Tornado Cash to obtain the initial funds which he used to deploy smart contracts and conduct the attack. This way, he was able to hide the source of his ETH, DEX Aggregator 1inch explained .
Using the smart contracts, he obtained a flash loan of 104K ETH (appr $23.2 million) from decentralized lending protocol dYdX and converted it to WETH, an Ether-pegged stablecoin. After that, he started trading WETH and STA continuously in increasing quantities.
As reported, STA has a transfer fee on each trade, and the pool expects it to receive a balance without the fee. Balancer further explained that “after enough calls, the attacker calls gulp() which syncs the internal pool accounting of a token balance to the actual balance as stored in the token tracker contract.”
Since STA’s balance is almost nothing, its value relative to other tokens is extremely high. This allowed the hacker to drain funds by swapping STA for other cryptocurrencies in the pool, including ETH, WBTC, LINK, and SNX .
After completing his mission, the attacker quickly repaid the $104K flash loan to dYdX, and the stolen funds were transferred to unknown addresses.
Balancer’s Fault?
In its update, Balancer claimed it is not aware that this type of attack was possible. However, a Twitter user argued that the hacker was able to exploit the vulnerability because Balancer Labs refused to acknowledge the detailed attack vector report, which he submitted to the project during its bug bounty program in May.
Responding to the tweet, Mike McDonald, the co-founder and CTO of Balancer, said the submitted bug report covered issues they were already aware of, so they warned about the unintended effects of ERC20 tokens with transfer fees could have on the network.
4th Largest DeFi Project
Despite the attack, Balancer is now the fourth largest DeFi project on Ethereum with over $116 million worth of ETH locked in the protocol, which is almost a 100% increase in one week.
Balancer launched its governance token BAL on June 23. Following the launch, BAL’s price recorded more than 200% growth, moving from $6.65 to $22.28 in one day.



Enjoy reading? Please share:



Facebook


Twitter


LinkedIn


Telegram


The post Rising DeFi Protocol Balancer Loses $500,000 To Hacker In Pool Exploit appeared first on CryptoPotato .

BitRss.com shares this Contents always with License.

Thank you for Share!

   
Tumblr
LinkedIn
Reddit
VK

WhatsApp
Telegram

Search about Crypto News


BITRSS | CRYPTOCURRENCY WORLD NEWS

The latest Top News, only from Leading exponents of BlockChain, Bitcoin and different Accredited Crypto Currency Sources.

Since 2015, our Mission was to Share, up-to-date, those News and Information we believe to represent in an Ethical and sincere manner the current Crypto Currencies World: everything you are looking for, in one place!

We have always tried to give priority to the News; for this reason we have designed BitRss.com simple and intuitive, usable by all Devices, fast and effective.


| LEARN MORE ABOUT |

Today Most Popular News


Buy Bitcoin online in ANY country, supporting 80+ Payment methods!