Reading: Dash FastPass Rollout Across Top Cryptocurrency Exchanges Sparks Bullish Surge

Arbismart Logo
Ethereum

A DeFi App Was Just Hacked for Over $300,000 in Ethereum & Bitcoin

Nick Chong

Nick Chong | Apr 19, 2020 | 01:00

ethereum defi Ethereum

A DeFi App Was Just Hacked for Over $300,000 in Ethereum & Bitcoin

Nick Chong

Nick Chong | Apr 19, 2020 | 01:00

Advertisement
Send
Share

There’s no doubt that decentralized finance (DeFi) has been central to the Ethereum ecosystem over the past year. But unfortunately, this use for the second-largest blockchain by its underlying crypto’s market capitalization doesn’t come without its own set of flaws.

Reports indicate that on April 18th, a leading protocol was just hacked for a large sum of Ether and tokenized Bitcoin.

$300,000 in Ethereum & Bitcoin Swiped

According to blockchain developer and DeFi specialist Julien Bouteloup, an attacker managed to drain a Uniswap-based pool (a market), and gained more than $300,000 worth of ETH and an Ethereum-based tokenized version of Bitcoin, imBTC, in the process:

“imBTC TokenIon pool on Uniswap has been attacked and drained. Simple attack vector on Uniswap [allowed them] to steal more than $300,000 in ETH + BTC,” they wrote.

Although a post-mortem of the event has not yet been released, Bouteloup claimed that the exploit that allowed the user to make away with such a large sum of crypto was explained by in an audit of the Ethereum-based Uniswap’s protocol 16 months ago.

According to a GitHub post revealing the details of the audit, the exploit involves an attacker creating a “fake exchange (pool)” that resembles the original exchange.

From there, the attacker can manipulate Uniswap to make the price of an asset very cheap in the original pool, allowing them to make awake with coins at a price much lower than their actual market value.

In this case, the coin stolen was a tokenized Bitcoin, imBTC.

Not the First DeFi Hack

This is far from the first time a user has turned a large profit by leveraging bugs in Ethereum-based DeFi protocols over the past few months.

In February, protocol bZx suffered two attacks just days apart from each other. The two attacks weren’t exactly the same, but the gist of both of them are as follows:

  • A user took out a “flash loan” of a large sum of ETH from bZx. A flash loan is where a user borrows and returns the loaned capital in the same transaction.
  • The ETH was used to purchase another Ethereum-based asset.
  • The user deployed manipulation to change how other protocols see the price of said Ethereum-based asset, allowing for profits to be made due to price oracles registering the false values.

The attacks saw bZx users lose $300,000 and around $650,000, for a total of nearly $1 million.

Photo by Markus Spiske on Unsplash

BitStarz Player Lands $2,459,124 Record Win! Could you be next big winner?

Tags: , , , ,
Send
Share
Show comments
The Dark Side of Ethereum
Ethereum

The Dark Side of Ethereum

For the last six years, Ethereum has dominated the smart contract landscape and has been arguably the only viable platform for launching decentralized applications (dApps) — due to...

Bitcoinist | 2 weeks ago
bitcoin ethereum
Ethereum

Economist: Ethereum To Repeat Bitcoin Rally To $20K, According To Metcalfe’s Law

Ethereum is now the second major cryptocurrency from the last bull run to break its former all-time high. One author and economist, however, claims that this is only the beginning of...

Tony Spilotro | 2 months ago
Ethereum, ETHUSD, ETHBTC, cryptocurrency
Ethereum

Ethereum Hits Three-Year High as Bitcoin Volatility Dims; Record Highs Ahead?

Ethereum (ETH) reached levels it last tested in January 2018 as a less volatile Bitcoin kept creating upside opportunities in the $105 billion altcoin market. The second-largest...

Yashu Gola | 2 months ago