Disclaimer: Information found on CryptoreNews is those of writers quoted. It does not represent the opinions of CryptoreNews on whether to sell, buy or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk.
CryptoreNews covers fintech, blockchain and Bitcoin bringing you the latest crypto news and analyses on the future of money.
Onyx Protocol attacker starts transferring $2.1 million in stolen funds via Tornado Cash.
The decentralized peer-to-peer lending platform Onyx Protocol experienced a loss of approximately $2.1 million due to an exploit in a market that lacked liquidity, which was launched on October 27.
The hacker behind the Onyx Protocol took advantage of a known vulnerability, specifically a rounding error associated with the widely used CompoundV2 fork, as detailed by blockchain investigator PeckShield shortly after notifying about the unnoticed hack affecting the protocol.
#PeckShieldAlert @OnyxProtocol has been exploited for ~2.1M pic.twitter.com/5Z50tCg6MD
— PeckShieldAlert (@PeckShieldAlert) November 1, 2023
The purported liquidity-deficient oPEPE market was “exploited through donations to borrow funds from other liquid markets,” as uncovered by PeckShield’s independent inquiry into the incident.
“The donated funds were subsequently redeemed by taking advantage of the known rounding error.”
Related Posts
Earlier, on April 16, a similar bug was exploited by an attacker to steal $7 million from the multichain lending protocol Hundred Finance.
#CertiKSkynetAlert @HundredFinance’s attacker manipulated the exchange rate between ERC-20 tokens and htokens, enabling them to withdraw more tokens than they initially deposited. The estimated losses from this incident are around $7.4 million.
Stay vigilant! https://t.co/1hxAnFoNjj— CertiK Alert (@CertiKAlert) April 15, 2023
In the case of Hundred Finance, the attacker altered the exchange rate between ERC-20 tokens and hTOKENS, which allowed them to withdraw a greater number of tokens than they had originally deposited, according to CertiK.
Related: Crypto thief steals $4.4M in a day as toll rises from LastPass breach
Ongoing hacking attempts by malicious actors necessitate a deeper understanding of cryptocurrency tracking techniques.
A recent article from Cointelegraph Research outlines various strategies that can be employed to enhance crypto security through blockchain analysis. As described, tracking stolen cryptocurrency using blockchain analysis generally involves six key steps: transaction tracing, address clustering, behavioral analysis, pattern recognition, regulatory vigilance, and collaboration.
Magazine: Slumdog billionaire: Incredible rags-to-riches tale of Polygon’s Sandeep Nailwal
