Reading: Accurate Analyst Expects Chainlink To Sustain Over 70% Drop: Here’s Why

Ethereum

A DeFi App Was Just Hacked for Over $300,000 in Ethereum & Bitcoin

Nick Chong

Nick Chong | Apr 19, 2020 | 01:00

ethereum defi Ethereum

A DeFi App Was Just Hacked for Over $300,000 in Ethereum & Bitcoin

Nick Chong

Nick Chong | Apr 19, 2020 | 01:00

Send
Share

There’s no doubt that decentralized finance (DeFi) has been central to the Ethereum ecosystem over the past year. But unfortunately, this use for the second-largest blockchain by its underlying crypto’s market capitalization doesn’t come without its own set of flaws.

Reports indicate that on April 18th, a leading protocol was just hacked for a large sum of Ether and tokenized Bitcoin.

$300,000 in Ethereum & Bitcoin Swiped

According to blockchain developer and DeFi specialist Julien Bouteloup, an attacker managed to drain a Uniswap-based pool (a market), and gained more than $300,000 worth of ETH and an Ethereum-based tokenized version of Bitcoin, imBTC, in the process:

“imBTC TokenIon pool on Uniswap has been attacked and drained. Simple attack vector on Uniswap [allowed them] to steal more than $300,000 in ETH + BTC,” they wrote.

Although a post-mortem of the event has not yet been released, Bouteloup claimed that the exploit that allowed the user to make away with such a large sum of crypto was explained by in an audit of the Ethereum-based Uniswap’s protocol 16 months ago.

According to a GitHub post revealing the details of the audit, the exploit involves an attacker creating a “fake exchange (pool)” that resembles the original exchange.

From there, the attacker can manipulate Uniswap to make the price of an asset very cheap in the original pool, allowing them to make awake with coins at a price much lower than their actual market value.

In this case, the coin stolen was a tokenized Bitcoin, imBTC.

Not the First DeFi Hack

This is far from the first time a user has turned a large profit by leveraging bugs in Ethereum-based DeFi protocols over the past few months.

In February, protocol bZx suffered two attacks just days apart from each other. The two attacks weren’t exactly the same, but the gist of both of them are as follows:

  • A user took out a “flash loan” of a large sum of ETH from bZx. A flash loan is where a user borrows and returns the loaned capital in the same transaction.
  • The ETH was used to purchase another Ethereum-based asset.
  • The user deployed manipulation to change how other protocols see the price of said Ethereum-based asset, allowing for profits to be made due to price oracles registering the false values.

The attacks saw bZx users lose $300,000 and around $650,000, for a total of nearly $1 million.

Photo by Markus Spiske on Unsplash

BitStarz Player Lands $2,459,124 Record Win! Could you be next big winner?

Tags: , , , ,
Send
Share
Show comments
ethereum
Ethereum

As ETH Fees Remain High, Trader Reminds Community “Ethereum Hasn’t Won Yet”

If you’re one to focus on transaction fees, it’s been a tough past few weeks for Ethereum. The network has been subject to an influx of adoption over recent weeks...

Nick Chong | 3 days ago
ethereum
Ethereum

Ethereum Active Address Count Hits 2-Year High, Yet ETH Is Still Bearish

Ethereum’s price is more than 80% below its all-time high above $1,400. Yet this bearish price performance on a macro scale has not stopped users from flooding to the network...

Nick Chong | 4 days ago
ethereum
Ethereum

Despite Its $25B Market Cap, Ethereum Can Still Be “Dethroned”

For years, Ethereum has easily been the leading smart contract blockchain. With mass adoption by service providers, brand recognition, and a series of popular apps, it leads in its...

Nick Chong | 6 days ago