Flawed code made hacker $8M more richer.

30 93
Avatar for alberdioni8406
Written by
4 years ago
In community: Cryptocurrency and Blockchain(7b7f)

It's kinda some bad "karma" about hacking on bZx, with the third attack on the lending protocol making criminals $8M more richer, in February two other attacks also made some of this criminals steal more than $925,000 from bZx smart contracts.

The hacker exploited a flawed code which made them duplicate their assets and made possible to the hacker mint:

  • 219,200 LINK, tokens (worth $2.6M)

  • 4,503 ETH ($1.6M)

  • 1,756,351 USDT ($1.7)

  • 1,412.048 USDC ($1.4M)

  • 667,989 DAI ($680,000)

  • That's a total sum of $8.1M in losses.

The decentralized lending protocol with the hacking didn't lost only funds in the incident but also the trust of users who locked value in the protocol, who after the attack the total value locked reduced extremely from more than $21M to near $6M, check on Defipulse, meaning that besides the attack users also take down some funds from the protocol in about $7M.

The DeFi project is doomed and may lose customers which won't handle this constant attacks, the bZx team made a statement saying that funds from customers aren't lost are safe with the firm to compensate the losses with their insurance firm, but no one like a smart contract with problems and no audit could solve it right now because bugs may be a lot more not detectable right now and to have it more secure the smart contracts must be evaluated in shut down mode.

Well, let's see what the team will do in order to gain trust one more time from their investors and willing to put more assets in the lending protocol... I believe that will be very hard to convince them!

Stay tuned for more news, download Brave Browser and earn BAT for watching non intrusive ads and surf secure the web, earn some BCH for your articles joining read.cash, subscribe for more updates.

52
$ 0.54
$ 0.54 from @TheRandomRewarder
Sponsors of alberdioni8406
empty
Become a sponsor
Get sponsored
Avatar for alberdioni8406
Written by
4 years ago
In community: Cryptocurrency and Blockchain(7b7f)

Comments

Cheap ways to earn money.if the hackers have real cradibility they should make their own software and run it.

$ 0.00
User's avatar Maahi
4 years ago

Thanks for passing by ansmd leaving your comment, I really appreciate it.

$ 0.00
User's avatar alberdioni8406
4 years ago

This is a one big issue. Some says that your money or the investment that you will have is and will always be safe in a company with a smart contract. But what happens to the Company makes its Investors to lose their trust to them. Losing that huge amount of investment from your investors will surely also lose their trust and sight of the future of your company. As of todays, hackers has become very intelligent and exploring in the internet. We can't say we our money is safe in a digital world because we still don't know what they are still capable of.

$ 0.00
User's avatar Valryan14
4 years ago

That was bad for bZx and what they lost most was the Trust like you noted and that is something that to recover will take time!

$ 0.00
User's avatar alberdioni8406
4 years ago

I wonder how can they get up from what they have lose? Can they still stand up in front of their investors after all that have happened?

$ 0.00
User's avatar Valryan14
4 years ago

Will be difficult and in DeFi people are looking to earn money not to join protocols that can pit their money in danger, this time they didn't lost because their assets have insurance but what about tomorrow?! And o note that this firm allowed their 3 hacking in a couple of months losing barely $9M they definitely lost Trust.

$ 0.00
User's avatar alberdioni8406
4 years ago

Nice article very impormative to us.

$ 0.00
User's avatar Cjeeh09
4 years ago

Thanks for the compliment mate🙌

$ 0.00
User's avatar alberdioni8406
4 years ago

This is concerning...I think DeFi has become the new wild west, since crypto was already considered to be the wild west.

I see comments below about proper coding, and audits, but the truth is criminals are extremely intelligent. It would be naive to think hacks are a result of a few individuals. I'm sure there are sophisticated teams of criminals working on exploits with varying degress of participation among individual members.

Huge tech companies face hacks all the time, and they have enormous resources to tackle that problem. Yet hackers are still successful. I can't imagine a small team on a new project with limited resources.

I think right now, the advantage is with the criminals, and I would be reluctant to invest in new projects for a while.

$ 0.00
User's avatar pusher
4 years ago

so you mean their codes is not tried and tested if theres a leak or bug.most often before they published some apps of software no it would be passed on apps tester for security

$ 0.00
User's avatar MaeGun
4 years ago

Well it may have passed for inspection before goes online but if the code isn't well designed and audited for security purposes to work in smart contracts it an have bugs and hackers everyday pass to test this and exploit if they flaw, and this case unfortunately to bZx lost $8M.

$ 0.00
User's avatar alberdioni8406
4 years ago

its a huge amount,and they didn't notice that for how many days about whats going on in their codes...its a bad luck for them..

$ 0.00
User's avatar MaeGun
4 years ago

Actually they did an update on the code the same day was exploited maybe the flaw just happened for a human error because the smart contract was recently audited.

$ 0.00
User's avatar alberdioni8406
4 years ago

Nice article

$ 0.00
User's avatar abdulla11
4 years ago

Nice

$ 0.00
User's avatar Rafia
4 years ago

Thanks you so much bro absolutely correct we need more about that.

$ 0.00
User's avatar Zico01
4 years ago

It is important to hire talented programmers to make the code perfect!

$ 0.00
User's avatar Chesatochi
4 years ago

Yes it's a nonsense those protocols should have great software engineers to create and audit them or else they will be always target of criminals.

$ 0.00
User's avatar alberdioni8406
4 years ago

And it is still unbelievable they can still manage to keep 6 mil... I would have taken out everything already... 1 time maybe, 2 time no, 3 times never! It reminds me of ETC...

$ 0.00
User's avatar Yann.Poire
4 years ago

They still believe somehow could change something, but they are wrong that protocol is doomed to fail and with that takes peoples money.

$ 0.00
User's avatar alberdioni8406
4 years ago

In a different point of view it means that they are improving and they must be getting much much more careful. I think projects like these are based on very small teams with a ressources. And they do have to get their things out... At least they were smart enough to get insurance. As I said not for me but this might attract some people as they can only get better.

I would be scared is something like this went unoticed to be discovered in some other major chains or worse in ETH or BTC or any other "softwares".

$ 0.00
User's avatar Yann.Poire
4 years ago

Well they may be small in team but practical a big firm with almost $21M TVL and with insurance may be perfectly capable to hire software security engineers that can be able to detect easily this flaws, and they also have audit firms working with them!

$ 0.00
User's avatar alberdioni8406
4 years ago
About us Rules What is Bitcoin Cash? Affiliate program Get sponsored Self-host