DeFi lending protocol bZx exploit leads to a $1 million loss

DeFi lending protocol bZx exploit leads to a $1 million loss
фото показано с : cryptoslate.com

2020-2-19 18:07

bZx, a DeFi lending protocol, was hit with a series of exploits. The attacks resulted in the loss of 3,581 ETH worth nearly $1 million.

A series of unfortunate events

On Feb. 14, the bZx team was alerted about a suspicious transaction that allowed the perpetrator to net a whopping $300,000 in profits.

Julien Bouteloup, founder of DeFi investment firm Stake Capital, explained that a smart trader under the pseudonym dYdX took a 10,000 ETH flash loan to borrow 112 wrapped BTC (wBTC) from Compound. Witht the rest of the loan he was able to open a 5x short position against the “ETHBTC ratio” on Fulcrum.

Then, the individual went into Uniswap to swap 51 wBTC. These series of events caused a “large slippage” allowing the trader to exit his short position at profit and pay back the initial loan with the proceeds.

Source: Twitter

Following the exploit, bZx issued a statement claiming that users funds were not affected. The team also vowed to implement multiple upgrades to ensure that this type of incidents do not happen again.

bZx stated:

“We have made the following upgrades using the administrator key to prevent this attack from occurring again. First, we addressed the condition that prevented the check from firing in the first place by requiring the check to take place even in the case of overcollateralized loans. Second, the ETHBTC margin tokens were delisted from the oracle token registry. Third, we implemented maximum trade sizes to limit the possible scope of any attack.”

The different upgrades were targeting multiple vulnerabilities on the DeFi lending protocol. However, a second attack took place shortly after the system update. This time the trader took advantage of the protocol’s own flash loans. He was able to walk away with 2,388 ETH.

Larry Cermak, director of research at The Block, said that the attacker took out a flash loan of 7,500 ETH to buy sUSD at a price close to $1 and deposited the funds on bZx to use as collateral. Then, the individual used 900 ETH to market buy sUSD on Kyber and Uniswap pushing the price to over $2.

Once sUSD went up, the trader borrowed nearly 6,800 ETH against sUSD on bZx and repaid the flash loan. In the end, the anonymous attacker was able to profit approximately $645,000.

Source: Twitter

bZx maintains that the second exploit is the result of an “oracle manipulation attack”. Nonetheless, the team was able to “delay the realization of the loss”. This could allow the system to recover from this incident.

These series of unfortunate events have opened up discussion in the crypto community regarding the high levels of centralization in DeFi applications and the danger of flash loans.

The post DeFi lending protocol bZx exploit leads to a $1 million loss appeared first on CryptoSlate.

Similar to Notcoin - TapSwap on Solana Airdrops In 2024

origin »

Bitcoin Zero (BZX) на Currencies.ru

$ 0.0038293 (+1.14%)
Объем 24H $7.573k
Изменеия 24h: 2.42 %, 7d: -10.48 %
Cегодня L: $0.0038293 - H: $0.0038293
Капитализация $111.092k Rank 1789
Цена в час новости $ 0.0015196 (151.99%)

bzx defi loss series million lending protocol

bzx defi → Результатов: 16


Фото:

Неизвестный вывел 2'388 ETH, обманув DeFi-платформу bZx

Кредитная платформа децентрализованного финансирования (DeFi) bZx подверглась мошенничеству с манипуляцией ценой, в ходе которого злоумышленник обогатился на $645'000.

2020-2-18 15:20


DeFi-протокол bZx снова атакован — потеряно $645 000 в эфире

Кредитный DeFi-протокол bZx был снова атакован — на этот раз предполагаемая потеря составляет 2 388 эфира (ETH), то есть почти $645 000. «Похоже, что эта атака атака была проведена через манипулирование оракулом», — заявил соучредитель bZx Кайл Кистнер на официальном Telegram-канале проекта.

2020-2-18 13:46


Фото:

Взлом DeFi-платформы заставил засомневаться в перспективах децентрализованных финансов

Одной из обсуждаемых тем на недавнем мероприятии ETHDenver в Денвере стали подозрительные обстоятельства вокруг протокола DeFi под названием bZx. Комьюнити-менеджер Ethereum Foundation Хадсон Джеймсон попытался вызвать на сцену Тома Бина, создателя протокола, однако его не было среди присутствующих. Это подлило...

2020-2-18 14:15