We collect cookies to analyze our website traffic and performance; we never collect any personal data.Cookies Policy
Accept
Michigan Post
Search
  • Home
  • Trending
  • Michigan
  • World
  • Politics
  • Top Story
  • Business
    • Business
    • Economics
    • Real Estate
    • Startups
    • Autos
    • Crypto & Web 3
  • Tech
  • Lifestyle
    • Lifestyle
    • Food
    • Beauty
    • Art & Books
  • Health
  • Sports
  • Entertainment
  • Education
Reading: Three DeFi hacks web $10 million in 48 hours regardless of ‘renaissance moment’
Share
Font ResizerAa
Michigan PostMichigan Post
Search
  • Home
  • Trending
  • Michigan
  • World
  • Politics
  • Top Story
  • Business
    • Business
    • Economics
    • Real Estate
    • Startups
    • Autos
    • Crypto & Web 3
  • Tech
  • Lifestyle
    • Lifestyle
    • Food
    • Beauty
    • Art & Books
  • Health
  • Sports
  • Entertainment
  • Education
© 2024 | The Michigan Post | All Rights Reserved.
Michigan Post > Blog > Crypto & Web 3 > Three DeFi hacks web $10 million in 48 hours regardless of ‘renaissance moment’
Crypto & Web 3

Three DeFi hacks web $10 million in 48 hours regardless of ‘renaissance moment’

By Editorial Board Published September 27, 2024 4 Min Read
Share
Three DeFi hacks web  million in 48 hours regardless of ‘renaissance moment’

Yesterday, two hacks on decentralized finance (DeFi) protocols netted a complete of over $5 million, with an additional $5 million siphoned off from compromised wallets on Wednesday.

Whereas the founders of two OG protocols, Aave and Maker (now Sky), bro’d down over Starcraft whereas basking in a “DeFi renaissance moment,” a few of the sector’s much less well-established initiatives have been happening in historical past for the fallacious causes.

Repeat DeFi hack or a brand new bug?

First up was Onyx Protocol whose $3.8 million loss was first considered a repeat of the well-known bug that drained $2.1 million from the undertaking towards the again finish of final 12 months.

Onyx is a fork of Compound Finance, which incorporates an notorious vulnerability wherein freshly-launched, empty lending markets are briefly left open to a worth manipulation assault, if not dealt with accurately.

Given the recognition of Compound’s v2 codebase with fast-forking DeFi devs, the bug is exploited with alarming regularity throughout the sector, and was initially recognized as having been the reason for Onyx’s newest loss.

Nonetheless, because the group identified in a ‘post-mortem’ thread on X (previously Twitter), this time the vulnerability additionally lay within the platform’s ‘NFT Liquidation contract.’ The attacker was in a position to drain the vUSD stablecoin which was then offered off, inflicting it to depeg.

One thing’s not including up

Subsequent got here ‘bitcoin restaking’ protocol Bedrock which seemed to be overly bullish on ETH, costing it round $2 million.

The defective code allowed customers to mint Bedrock’s uniBTC token at a 1:1 ratio with staked ETH tokens, not bearing in mind the worth distinction between the 2 property (valued on the time at roughly $65,000 vs $2,650, respectively).

The uniBTC tokens have been then offered off for an alternate wrapped bitcoin token, for a return of virtually 25x.

Crypto safety auditor Dedaub claims to have recognized the vulnerability upfront, stating that such a easy bug may very well be found and exploited mechanically by ‘fuzzing bots.’

Regardless of warning the Bedrock group two hours earlier than the assault, there was no response due time zone variations. Nonetheless, by elevating the difficulty individually with Pendle, a platform with $30 million of publicity to uniBTC, additional losses have been efficiently averted.

The Bedrock group responded to the incident, reassuring customers that each one uniBTC collateral stays intact. It estimated the losses at “approximately $2 million (mostly in DEX LPs),” including {that a} “comprehensive reimbursement plan is being finalized.”

Compromised keys?

On Wednesday, real-world-asset-focused Truflation warned of “some abnormal activity,” which it attributed to a malware assault.

On September twenty fifth, 2024, the Truflation group detected some irregular exercise. An attacker launched an assault utilizing malware.

We’re presently monitoring the scenario and are taking measures to guard funds whereas we’re investigating and dealing with legislation enforcement. The…

— Truflation (@truflation) September 25, 2024

Blockchain investigator ZachXBT traced whole losses of over $5 million from addresses recognized because the undertaking’s “treasury multisig and personal wallets,” offering an inventory of addresses through his Investigations Telegram channel.

Whereas the preliminary disclosure was scant on particulars, it does point out a reward to any whitehats in a position to help the investigation. This was adopted up with an on-chain message to the hacker, providing a ten% ‘bounty’ for the return of the funds.

Assuming funds aren’t returned earlier than 8am (UTC) on Saturday, the bounty can be opened as much as the general public in return for data resulting in a conviction.

TAGGED:DeFiHackshoursMillionMomentNetrenaissance
Share This Article
Facebook Twitter Email Copy Link Print

HOT NEWS

Potter Park Zoo shares "first day" indicators for again to high school

Potter Park Zoo shares "first day" indicators for again to high school

Michigan
August 27, 2025
‘Microwave’ not searchable on X amid Bob Lax rumors

‘Microwave’ not searchable on X amid Bob Lax rumors

An obvious bug that has rendered the time period “microwave” unsearchable on X has coincided…

August 27, 2025
Males ought to ‘demand’ prostate most cancers check, ex-Sky presenter says – as he speaks about his stage-four analysis

Males ought to ‘demand’ prostate most cancers check, ex-Sky presenter says – as he speaks about his stage-four analysis

Upon being handled by the NHS, he was identified with stage-four most cancers.Pointing to how…

August 27, 2025
Denmark summons prime US diplomat over alleged Greenland affect operations

Denmark summons prime US diplomat over alleged Greenland affect operations

Denmark’s overseas minister has summoned the highest US diplomat within the nation over a report…

August 27, 2025
5M Powerball jackpot: what you really win in Michigan

$815M Powerball jackpot: what you really win in Michigan

LANSING, Mich. (WLNS) — The Powerball jackpot has reached a staggering $815 million, and the…

August 27, 2025

YOU MAY ALSO LIKE

Commerce Secretary Lutnick needs US economic system on blockchain for some motive

In a dramatic — and barely odd — pronouncement, US Secretary of Commerce Howard Lutnick declared on nationwide tv that…

Crypto & Web 3
August 27, 2025

Prefer it or not, Jim Chanos’ MSTR brief commerce was a winner

Though they’d hate to confess it, even Michael Saylor’s greatest followers would agree that Jim Chanos’ bearish Technique (MSTR) commerce…

Crypto & Web 3
August 27, 2025

England warned it faces six million new most cancers instances by 2040 – with these areas worst hit

Greater than six million new most cancers instances could possibly be recognized in England between now and 2040, in line…

Tech / Science
August 27, 2025

Tyler Winklevoss goes viral for not having the Gemini app

Yesterday, Tyler Winklevoss wished to brag about how the Gemini app he co-founded was extremely ranked within the Apple App…

Crypto & Web 3
August 26, 2025

Welcome to Michigan Post, an esteemed publication of the Enspirers News Group. As a beacon of excellence in journalism, Michigan Post is committed to delivering unfiltered and comprehensive news coverage on World News, Politics, Business, Tech, and beyond.

Company

  • About Us
  • Newsroom Policies & Standards
  • Diversity & Inclusion
  • Careers
  • Media & Community Relations
  • Accessibility Statement

Contact Us

  • Contact Us
  • Contact Customer Care
  • Advertise
  • Licensing & Syndication
  • Request a Correction
  • Contact the Newsroom
  • Send a News Tip
  • Report a Vulnerability

Term of Use

  • Digital Products Terms of Sale
  • Terms of Service
  • Privacy Policy
  • Cookie Settings
  • Submissions & Discussion Policy
  • RSS Terms of Service
  • Ad Choices

© 2024 | The Michigan Post | All Rights Reserved

Welcome Back!

Sign in to your account

Lost your password?