Harvest Finance is the latest DeFi platform to get hacked

40 101
Avatar for CryptoWordsmith
4 years ago

Decentralized finance (DeFi) projects have become extremely popular over the past year. They allow customers to borrow or lend crypto coins or tokens without the need for a financial intermediary such as a bank. Smart contracts allow all the transactions to be handled automatically. But DeFi projects have been increasingly targeted by criminals because they have attracted so much capital in such a short period of time.

Harvest Finance is the latest DeFi platform to be victimized. With over $400 US million worth of total locked value (TVL), they made the following announcements on Twitter yesterday.

What was unusual is that Harvest Finance managed to identify who the hacker was early today, but they declined to publish that individual's personal information.

Furthermore, they tried to ask the thief to return the funds that were stolen.

The hack is still unresolved, as the hacker had stolen $24 million, but returned $2.5 million. Harvest Finance's native token (FARM) has also fallen about 50% in the wake of the hack.

To their credit, Harvest Finance has taken responsibility for the error in their code that allowed this breach.

I must admit that I was very tempted to experiment with a number of DeFi platforms over the past few months. This latest setback in the space has shown that individuals should be extremely careful, and do their own research before investing in this space. The Harvest Finance incident follows on the heels of two other hacks over the past 6 weeks (Yearn and Bzx) and if I was invested in DeFi, I would move my crypto out now.

It was also hard not to notice this tweet by a centralized finance platform throwing some shade at their competition in the DeFi space.

Thanks for reading, and stay safe!

If you would like to support my work, please hit like 👍 and subscribe! 😊

Follow me on Twitter: @CryptoWordsmith 

#EarnFreeCrypto

#EarnPassiveIncome

Sponsors of CryptoWordsmith
empty
empty
empty

Lead Image: Harvest Finance logo - Screen cap from harvest.finance

Tweets: captured from Twitter


It's the perfect time to start earning free crypto while you learn about it!

Earn BCH for free, paid out day

If you want to earn free BCH, read.cash is always looking for new members and for aspiring authors. Previous writing experience is not required! I invite you to create an account using my referral link by clicking here.


Earn ETH, LRC and BAT tokens for free

The Publish0x community is also looking for new members and for aspiring authors. Previous writing experience is not required here either! This is a friendly environment where you can earn ETH, BAT, or LRC tokens for free! I invite you to create an account using my referral link by clicking here.

 Related reading: How to start trending on Publish0x


Earn compound interest on your crypto deposits

I'm earning up to 8.6% annual interest compounded monthly on my crypto deposits at BlockFi, and you can too. When you sign up for a free account using my referral link by clicking here, we can both receive a bonus!

BlockFi hack: You can even choose which cryptocurrency to receive your interest payments in!

Related reading: How I will earn $20 in free Bitcoin from BlockFi


Earn free cypto by watching videos

You can also earn free crypto such as EOS or XLM by watching Coinbase Earn videos! Register for your free account using my referral link here, and we can both receive a bonus!

Thanks for your support!

Resources:

  1. https://medium.com/harvest-finance/harvest-flashloan-economic-attack-post-mortem-3cf900d65217

  2. https://news.bitcoin.com/defi-protocol-harvest-finance-hacked-for-24-million-attacker-returns-2-5-million/

14
$ 2.87
$ 2.85 from @TheRandomRewarder
$ 0.01 from @Heruvim78
$ 0.01 from @PVMihalache
Avatar for CryptoWordsmith
4 years ago

Comments

Thats so great information. I like to read it

$ 0.00
4 years ago

thanks for visiting!

$ 0.00
4 years ago

Some of them are so dodgy, Sushi get the first prize, then i can think at few more. Just imagine, last year you will call crazy someone investing on a platform with anonymous creator and no audit, now is trendy, and some of these have 1 billion in funds. I try them, but like, 50$ here, 50$ there, and if the 50 become 150, they are changed instantly and sent to my Celsius.

Also, they are doing the audit from a normal person perspective, but a hungry hacker will try again and again, in many different ways, until they find a little backdoor. If i would have a crypto project, i will pay some russian and chinese hackers to test it while in beta, with a bounty for every vulnerability found, this is how you do it, not only audit. They want your money and they will find every vulnerability fast.

$ 0.00
4 years ago

Chef Nomi!!!! Lol 😂

i agree...they need more white hat/hackerthon involvement.

and yes, the DeFi explosion was so fast! i'm staying on the sidelines for a while

btw, your article about this was better than mine that i wrote too fast. thx for visiting and for the tip my friend!

$ 0.00
4 years ago

Oh no! This simply means that the system is not secure. I hope trading/ investing platforms should invest in tightening its security.

$ 0.00
4 years ago

it's interesting because PVMihalache says they passed 2 audits.

it looks like the code was fine, but the method of manipulating the transactions and trading price was where the exploit took place.

$ 0.00
4 years ago

DeFi platform as far as i see is getting more and more serious, thanks for this educational content, it is really interesting.

$ 0.00
4 years ago

DeFi is exploding! you are welcome, and thanks for visiting!

$ 0.00
4 years ago

That why is important to have hired people to audit your codes before making your smart contract available.

$ 0.00
4 years ago

thanks for visiting!

$ 0.00
4 years ago

My pleasure.

$ 0.00
4 years ago

That's terrible! And he what? returned $2.5 out of the $24 million he stolen? He must give it all back and work his ass instead. 😾

$ 0.00
4 years ago

these types of criminals often see this as a challenge for their skill, offering an opportunity to brag. but i don't think this one was very good at hiding his/her tracks, as evidenced by some of the tweets that were sent out.

$ 0.00
4 years ago

As a humble farmer I am directly affected but they redacted quick and I think they will bounce back

$ 0.00
4 years ago

oh friend, i completely forgot you had a stake...i'm sorry this happened. i hope there's a good outcome, and a solid recovery. and thx for the tip!

$ 0.00
4 years ago

They stopped everything quick. Price dropped from $250 to $60 and recorded to $100

$ 0.00
4 years ago

that's very impressive actually!

how do you feel about the DeFi space? I honestly think there hasn't been enough security audits done on the coding.

$ 0.00
4 years ago

Harvest.Finance just passed 2 audits. The situation is a bit weird as some experts started to complain about their system and than the hack happened

$ 0.00
4 years ago

Wow, that was unbelievable to read what was going on. More exciting than many hacker movies. (at least if you're not invested with your life savings.)

I have to hand it to Harvest Finance. They did a fantastic job of taking responsibility, being transparent about what is going on and the fact that they received part of the money back (at least) is fantastic. Let's hope they get most of it back.

And I agree with you. I would also get my funds out of DeFi if I had any in it.

$ 0.00
4 years ago

Multinational corporations spend millions to keep hackers out. i would be curious to know how much these DeFi platforms spend in comparison.

my guess is that all DeFi plaforms are at risk right of being hacked right now.

and it's a good thing that both of us are risk averse to this space right now.

$ 0.00
4 years ago

That must be painful

$ 0.00
4 years ago

yes, but in a lot of ways, these investors did not check as carefully as they needed to. these systems are new. many people were already warning about potential problems with the coding, but those warnings were mostly ignored.

$ 0.00
4 years ago

Yeah there was a huge risk too

$ 0.00
4 years ago

That must be painful

$ 0.00
4 years ago

Too sad for them.. Hackers are really everywhere

$ 0.00
4 years ago

they tend to stay one step ahead of everyone else. thx for visiting!

$ 0.00
4 years ago

True.. Any online platforms are really prone into it

$ 0.00
4 years ago

Simply because their security is not that safe. They putting any ones money at risk because of the low class of security that they have.

$ 0.00
4 years ago

they need to take a look at the coding.

$ 0.00
4 years ago

They should have.

$ 0.00
4 years ago

Thank you for giving us the infromation

$ 0.00
4 years ago

you are very welcome...thanks for visiting!

$ 0.00
4 years ago

Welcome

$ 0.00
4 years ago

full of information this is good article

$ 0.00
4 years ago

thank you so much!

$ 0.00
4 years ago

welcome dear

$ 0.00
4 years ago

Very low security and its so good easy for hackers.

$ 0.00
4 years ago

thanks for visiting!

$ 0.00
4 years ago

💝💝

$ 0.00
4 years ago