One more protocol exploited, with hackers this time taking home more than $5 millions in crypto assets. Value DeFi have lost assets in DAI stablecoin ($5.4 in a total of $7.4M they stole, luckily they returned $2M and kept $5M to them), the incident happened this Saturday.
The attackers used a flash loan to steal those assets. Flash loans give permission to users to borrow funds instantly as long the user returns it within one transaction block, allowing them to take advantage from uncollateralized loans. So the attackers borrowed 80,000 ETH from the Aave protocol, and in a curious move the hackers after borrowing it they returned $2M and kept the millionaire "reward" of $5.4M to them and fill their pockets with peoples funds.
This wasn't all the criminals did, as part of the attack they left a message to the Value Team, it seems the hackers are playing with the team behind Value DeFi showing them that they can exploit the protocol and steal funds from it, on Friday the Value DeFi team said on a thread that they have prevention to flash loans attacks, but seems they were wrong about.
The incident was confirmed by the Value DeFi team on their twitter official account, and soon I believe, they will release a post mortem article on the official channels of the company.
This was the second attack on DeFi protocols after the Harvest.Finance lost funds due to a breach who made the hackers to access more than $20M in people funds locked on smart protocols, this attacks won't end and it's necessary to teams behind this business to stay up-to-date with their security system. Hackers are becoming more sophisticated than ever, the security exploit they do it possible because they are evolving in the same way the security team are. They have the latest softwares and methods to break even the best ways to protect a multi billionaire business.
Most unnaudited protocols are vulnerable to this kind of attacks, that even the audited ones can fall on them, flash loans are the ones who cause severe damage to protocols, early this year zBx protocols also suffered several losses due to this kind of attack. Luckily most of this hackers who exploit this business somehow manage to return some of this funds and keep some, it seems they don't wanna kill the business just show them that can break their security and steal some money from them, in the case from Value DeFi they took home $5.4M in funds.
The companies dealing with smart protocols must have security measures that can enhance and assure they clients that can have the funds with them safely. Have been proved that criminals who steal from this protocols do their homework and knows which protocols are vulnerable, negligence of this team behind this kind of business take them to get exploited and led people to get ripped of their hard earned cash, most of this business can't assure the return of peoples money.
Does why it's need to make a good valuation when wanna deal with smart protocols, make an exhausted research and only after that put money into them, after hacked this companies (most of them) doesn't last and can vanish anytime, so DYOR is a must in this cases.
Never negligence your money!
Stay connected for more news like this and much more, don't forget to download Brave Browser to earn BAT tokens for watching non intrusive ads, subscribe for exciting articles about crypto and blockchain world.
Have a great Sunday.
I thought that the DeFi protocols were more secure, it's really interesting to read articles like these that spot vulnerabilities