Disclaimer: Information found on CryptoreNews is those of writers quoted. It does not represent the opinions of CryptoreNews on whether to sell, buy or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk.
CryptoreNews covers fintech, blockchain and Bitcoin bringing you the latest crypto news and analyses on the future of money.
Polter Finance, a decentralized lending platform, has experienced an exploit on the Fantom chain, leading to the theft of more than $7 million in digital assets.
The platform acknowledged the breach on November 18, explaining that the attacker executed the exploit using funds that were initially obtained through Tornado Cash on Ethereum.
These funds were later transferred to the Fantom network prior to the execution of the exploit.
Polter Finance Suspends Operations
In a message on X, Polter Finance announced that the team halted the platform to mitigate further damage after the exploit was detected and informed key bridge operators about the incident.
“We identified wallets involved and traced it to Binance. We are still investigating the nature of the exploit. We are in the process of contacting the Authorities,” the team stated.
ALERT
@PolterFinance has reported an exploit on the #Fantom chain. Over $7M in digital assets have been stolen!
Transaction: https://t.co/2sFDXiLkpmThe attacker was originally funded via @TornadoCash on #Ethereum, with funds later bridged to #Fantom.
The team has taken… https://t.co/dYgVzDdsoh pic.twitter.com/N1u5sh7BPf—
Cyvers Alerts
(@CyversAlerts) November 18, 2024
@PolterFinance has reported an exploit on the #Fantom chain. Over $7M in digital assets have been stolen!
Cyvers Alerts The team has also reached out on-chain to the perpetrator, expressing a willingness to negotiate and refrain from legal action if the stolen funds are returned.
Meanwhile, some experts have attributed the incident to a vulnerability known as an ’empty market’ issue.
The empty market vulnerability refers to a flaw in DeFi platforms or smart contracts that attackers exploit when a market or trading pool experiences very low activity or liquidity.
When a market is “empty,” there are insufficient traders or assets to generate natural price movements or identify unusual behavior.
This facilitates price manipulation, deception of the platform, or exploitation of its calculations by attackers.
However, another researcher argued that it was not an empty market issue but rather a “faulty oracle price.”
The @polterfinance $polter was exploited when they added the new $BOO market. Initially, I thought it was another epic “empty market” rounding error bug. However, when I investigated further, it turned out to be a faulty oracle price.
pic.twitter.com/vBv0hol8SD
— Weilin (William) Li (@hklst4r) November 17, 2024
pic.twitter.com/vBv0hol8SD
Related Posts
Polter Finance operates as a decentralized non-custodial lending and borrowing platform where depositors can earn a share of the interest charged on loans.
Increase in Crypto Hacks
The recent event occurs amidst a growing wave of phishing attacks affecting the blockchain sector.
According to blockchain security firm CertiK, losses related to phishing in 2024 have surpassed $800 million, driven by increasingly sophisticated hacking methods.
These methods include wallet-draining schemes and address poisoning, which take advantage of users’ trust and lack of technical awareness.
CertiK reports that 247 phishing incidents have been documented so far in 2024, with the first quarter experiencing the highest number of attacks at 82 cases.
However, the second quarter saw significant financial losses, totaling $433 million, followed by $343 million in the third quarter.
Even with fewer incidents reported in the fourth quarter, the financial repercussions are expected to be comparable to earlier periods.
Hackers have been adapting their strategies, combining advanced tools like Angel Drainer and Pink Drainer with traditional techniques.
Wallet-draining scams frequently exploit permissions granted by unsuspecting users, allowing hackers to access funds.
Notably, Angel Drainer’s acquisition of Inferno Drainer indicates the emergence of more powerful phishing campaigns.
As reported, the Department of Homeland Security (DHS) has intervened in hundreds of crypto scam cases, recovering billions in extorted cryptocurrency since 2021.
DHS investigators have thwarted 537 ransomware attacks before they could inflict widespread damage.
The post DeFi Platform Polter Finance Loses $7M in Fantom Cross-Chain Exploit appeared first on Cryptonews.
