We collect cookies to analyze our website traffic and performance; we never collect any personal data.Cookies Policy
Accept
Michigan Post
Search
  • Home
  • Trending
  • Michigan
  • World
  • Politics
  • Top Story
  • Business
    • Business
    • Economics
    • Real Estate
    • Startups
    • Autos
    • Crypto & Web 3
  • Tech
  • Lifestyle
    • Lifestyle
    • Food
    • Beauty
    • Art & Books
  • Health
  • Sports
  • Entertainment
  • Education
Reading: Three DeFi hacks web $10 million in 48 hours regardless of ‘renaissance moment’
Share
Font ResizerAa
Michigan PostMichigan Post
Search
  • Home
  • Trending
  • Michigan
  • World
  • Politics
  • Top Story
  • Business
    • Business
    • Economics
    • Real Estate
    • Startups
    • Autos
    • Crypto & Web 3
  • Tech
  • Lifestyle
    • Lifestyle
    • Food
    • Beauty
    • Art & Books
  • Health
  • Sports
  • Entertainment
  • Education
© 2024 | The Michigan Post | All Rights Reserved.
Michigan Post > Blog > Crypto & Web 3 > Three DeFi hacks web $10 million in 48 hours regardless of ‘renaissance moment’
Crypto & Web 3

Three DeFi hacks web $10 million in 48 hours regardless of ‘renaissance moment’

By Editorial Board Published September 27, 2024 4 Min Read
Share
Three DeFi hacks web  million in 48 hours regardless of ‘renaissance moment’

Yesterday, two hacks on decentralized finance (DeFi) protocols netted a complete of over $5 million, with an additional $5 million siphoned off from compromised wallets on Wednesday.

Whereas the founders of two OG protocols, Aave and Maker (now Sky), bro’d down over Starcraft whereas basking in a “DeFi renaissance moment,” a few of the sector’s much less well-established initiatives have been happening in historical past for the fallacious causes.

Repeat DeFi hack or a brand new bug?

First up was Onyx Protocol whose $3.8 million loss was first considered a repeat of the well-known bug that drained $2.1 million from the undertaking towards the again finish of final 12 months.

Onyx is a fork of Compound Finance, which incorporates an notorious vulnerability wherein freshly-launched, empty lending markets are briefly left open to a worth manipulation assault, if not dealt with accurately.

Given the recognition of Compound’s v2 codebase with fast-forking DeFi devs, the bug is exploited with alarming regularity throughout the sector, and was initially recognized as having been the reason for Onyx’s newest loss.

Nonetheless, because the group identified in a ‘post-mortem’ thread on X (previously Twitter), this time the vulnerability additionally lay within the platform’s ‘NFT Liquidation contract.’ The attacker was in a position to drain the vUSD stablecoin which was then offered off, inflicting it to depeg.

One thing’s not including up

Subsequent got here ‘bitcoin restaking’ protocol Bedrock which seemed to be overly bullish on ETH, costing it round $2 million.

The defective code allowed customers to mint Bedrock’s uniBTC token at a 1:1 ratio with staked ETH tokens, not bearing in mind the worth distinction between the 2 property (valued on the time at roughly $65,000 vs $2,650, respectively).

The uniBTC tokens have been then offered off for an alternate wrapped bitcoin token, for a return of virtually 25x.

Crypto safety auditor Dedaub claims to have recognized the vulnerability upfront, stating that such a easy bug may very well be found and exploited mechanically by ‘fuzzing bots.’

Regardless of warning the Bedrock group two hours earlier than the assault, there was no response due time zone variations. Nonetheless, by elevating the difficulty individually with Pendle, a platform with $30 million of publicity to uniBTC, additional losses have been efficiently averted.

The Bedrock group responded to the incident, reassuring customers that each one uniBTC collateral stays intact. It estimated the losses at “approximately $2 million (mostly in DEX LPs),” including {that a} “comprehensive reimbursement plan is being finalized.”

Compromised keys?

On Wednesday, real-world-asset-focused Truflation warned of “some abnormal activity,” which it attributed to a malware assault.

On September twenty fifth, 2024, the Truflation group detected some irregular exercise. An attacker launched an assault utilizing malware.

We’re presently monitoring the scenario and are taking measures to guard funds whereas we’re investigating and dealing with legislation enforcement. The…

— Truflation (@truflation) September 25, 2024

Blockchain investigator ZachXBT traced whole losses of over $5 million from addresses recognized because the undertaking’s “treasury multisig and personal wallets,” offering an inventory of addresses through his Investigations Telegram channel.

Whereas the preliminary disclosure was scant on particulars, it does point out a reward to any whitehats in a position to help the investigation. This was adopted up with an on-chain message to the hacker, providing a ten% ‘bounty’ for the return of the funds.

Assuming funds aren’t returned earlier than 8am (UTC) on Saturday, the bounty can be opened as much as the general public in return for data resulting in a conviction.

TAGGED:DeFiHackshoursMillionMomentNetrenaissance
Share This Article
Facebook Twitter Email Copy Link Print

HOT NEWS

America’s Golden Dome | Economics

America’s Golden Dome | Economics

Economics
August 5, 2025
Slotkin requires Medicaid, Reasonably priced Care Act fixes throughout Michigan hospital go to

Slotkin requires Medicaid, Reasonably priced Care Act fixes throughout Michigan hospital go to

GRAND RAPIDS, Mich. (WOOD) — U.S. Sen. Elissa Slotkin visited Helen DeVos Kids’s Hospital on…

August 5, 2025
Dodgers let sturdy begin from Tyler Glasnow go to waste in loss to Cardinals

Dodgers let sturdy begin from Tyler Glasnow go to waste in loss to Cardinals

The Dodgers’ Tyler Glasnow and the Cardinals’ Sonny Grey squared off in an old-school pitchers’…

August 5, 2025
Mercury BANNED In US Vaccines | Economics

Mercury BANNED In US Vaccines | Economics

HHS Secretary Robert F. Kennedy Jr.’s subsequent step towards making America Wholesome once more is…

August 5, 2025
Specialists warn of long-term well being impacts of unhealthy air high quality

Specialists warn of long-term well being impacts of unhealthy air high quality

LANSING, (Mich.) WLNS -- Specialists are warning that steady publicity to smoke within the air…

August 5, 2025

YOU MAY ALSO LIKE

Bitcoin treasury chief David Bailey desires $200M for brand spanking new Bitcoin PAC

Yesterday, the chief of the world’s 109th largest public bitcoin (BTC) treasury firm declared his intention to type a political…

Crypto & Web 3
August 4, 2025

Scammers utilizing AI instruments to steal crypto by way of deepfakes and pockets drainers 

Whether or not it’s by way of giving a lift to conventional “social engineering” scams, or writing crypto-stealing code disguised…

Crypto & Web 3
August 4, 2025

One small step for Justin Solar, one large leap for monetary impunity

Justin Solar has lastly taken his long-awaited journey to house, 4 years after he positioned the very best bid for…

Crypto & Web 3
August 4, 2025

No, China didn’t ban crypto once more

As C.H. Spurgeon famously mentioned, “a lie will go round the world while truth is pulling its boots on.” Early…

Crypto & Web 3
August 4, 2025

Welcome to Michigan Post, an esteemed publication of the Enspirers News Group. As a beacon of excellence in journalism, Michigan Post is committed to delivering unfiltered and comprehensive news coverage on World News, Politics, Business, Tech, and beyond.

Company

  • About Us
  • Newsroom Policies & Standards
  • Diversity & Inclusion
  • Careers
  • Media & Community Relations
  • Accessibility Statement

Contact Us

  • Contact Us
  • Contact Customer Care
  • Advertise
  • Licensing & Syndication
  • Request a Correction
  • Contact the Newsroom
  • Send a News Tip
  • Report a Vulnerability

Term of Use

  • Digital Products Terms of Sale
  • Terms of Service
  • Privacy Policy
  • Cookie Settings
  • Submissions & Discussion Policy
  • RSS Terms of Service
  • Ad Choices

© 2024 | The Michigan Post | All Rights Reserved

Welcome Back!

Sign in to your account

Lost your password?