The first flash loan attack on the BSC chain with 30 million US dollars stolen.


In the world of DeFi, smart contracts have greatly lowered the threshold for individuals to create financial products. People can freely design financial products to suit their own needs and, by combining them, trade conveniently.

As the composability of DeFi protocols grows, a large number of "money Lego" protocols have emerged, from the first-generation decentralized exchange Uniswap in the Ethereum ecosystem, to its second-generation evolution SushiSwap, and then to PancakeSwap in the Binance Smart Chain ecosystem. At the same time, the risks introduced by composing protocols have become increasingly prominent.

On May 2, the DeFi protocol Spartan Protocol was attacked. PeckShield found through tracking and analysis that Spartan Protocol was hit by a flash loan attack and lost $30 million.


Spartan Protocol is an asset liquidity project designed to solve various problems found in existing AMM protocols and synthetic assets. The liquidity pool is the core of the protocol; every related application in the system depends on it. SpartanSwap applies THORChain's AMM algorithm, which uses a liquidity-sensitive fee to address the cold-start and slippage problems of liquidity.


The attack process was as follows. In the first step, the attacker borrowed 10,000 WBNB from PancakeSwap via a flash loan;


In the second step, the attacker, now holding 2,536,613.206101067206978364 SPARTA and 11,853.332738790033677468 WBNB, injected these tokens into the liquidity pool to provide liquidity and minted 933,350.959891510782264802 pool tokens (SPT1-WBNB);


In the fourth step, the attacker transferred 21,632.147355962694186481 WBNB and all of the SPARTA obtained in the preceding three steps, 2,639,121.977427448690750716 SPARTA, into the liquidity pool to push up the asset prices.

In the fifth step, the attacker burned the 933,350.959891510782264802 pool tokens (SPT1-WBNB) obtained in the second step and withdrew the liquidity. Because the liquidity pool was in an inflated state, the burn returned a total of 2,538,199.153113548855179986 SPARTA and 20,694.0593682626450672 WBNB. Since the attacker had put in only 11,853.332738790033677468 WBNB in the second step, this step alone yielded a profit of about 9,000 WBNB;

In the sixth step, the attacker burned the 1,414,010.159908048805295494 pool tokens received for providing liquidity in the fourth step, withdrawing 2,643,882.074112804607308497 SPARTA and 21,555.69728926154636986 WBNB.

The root cause is in the liquidity share function calcLiquidityShare(): it computes a holder's share from the pool contract's current token balance, so the attacker could move that balance and arbitrage against it. The correct implementation must compute the share from the baseAmountPooled/tokenAmountPooled state, the amounts the pool has actually accounted for, rather than from the raw balance.
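The two accounting choices described above, side by side, as an added illustration that is not Spartan Protocol's code: the names calcLiquidityShare, baseAmountPooled and tokenAmountPooled come from the analysis, while the Pool model, its simplified pro-rata minting and all amounts are constructed here. The property check at the end is the kind of test a reviewer would write: a plain token transfer into the contract must not change what any pool-token holder is entitled to.

```python
from dataclasses import dataclass


@dataclass
class Pool:
    """Toy SPARTA/WBNB pool (constructed model, not Spartan Protocol's contract)."""
    base_pooled: float = 0.0    # baseAmountPooled: SPARTA the pool has accounted for
    token_pooled: float = 0.0   # tokenAmountPooled: WBNB the pool has accounted for
    base_balance: float = 0.0   # raw SPARTA balance held by the contract
    token_balance: float = 0.0  # raw WBNB balance held by the contract
    lp_supply: float = 0.0      # outstanding pool tokens
    use_balance: bool = True    # True: vulnerable variant reads raw balances

    def add_liquidity(self, base: float, token: float) -> float:
        """Credit a deposit to the pooled state and mint pool tokens pro rata."""
        units = base if self.lp_supply == 0 else self.lp_supply * base / self.base_pooled
        self.base_pooled += base
        self.token_pooled += token
        self.base_balance += base
        self.token_balance += token
        self.lp_supply += units
        return units

    def direct_transfer(self, base: float, token: float) -> None:
        """A plain token transfer into the contract: balances move, pooled state does not."""
        self.base_balance += base
        self.token_balance += token

    def calc_liquidity_share(self, units: float) -> tuple[float, float]:
        """Assets backing `units` pool tokens; the vulnerable variant uses raw balances."""
        if self.use_balance:
            base_ref, token_ref = self.base_balance, self.token_balance
        else:
            base_ref, token_ref = self.base_pooled, self.token_pooled
        share = units / self.lp_supply
        return base_ref * share, token_ref * share


def share_is_balance_independent(use_balance: bool) -> bool:
    """Property to test: a direct transfer must not change anyone's share."""
    pool = Pool(use_balance=use_balance)
    pool.add_liquidity(1_000.0, 10.0)          # honest liquidity provider
    units = pool.add_liquidity(1_000.0, 10.0)  # second provider, 50% of pool tokens
    before = pool.calc_liquidity_share(units)
    pool.direct_transfer(2_000.0, 20.0)        # tokens sent straight to the contract
    after = pool.calc_liquidity_share(units)
    return before == after
```

With `use_balance=True` the share doubles after the transfer; with the pooled-state variant it is unchanged.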

The operation of a DeFi system is guaranteed by its smart contracts, which is why their code must be carefully reviewed. Once a smart contract contains a vulnerability, it can become a target for hackers.

Under traditional conditions, hackers attacking the financial system rely mainly on their advantage in computer technology. In the existing DeFi ecosystem, however, interoperability between chains and applications is still poor, so the probability of arbitrage across chains and across applications may be greater. In this setting, even a person without strong computer skills can become a hacker and attack a DeFi system, as long as they have enough financial knowledge and market sense.

Hackers use flash loans on the blockchain to borrow large amounts of funds at small cost, then use those funds to cause price fluctuations in certain digital assets and profit from them. This first emerged on Ethereum, and as CeFi + DeFi ecosystems such as Binance Smart Chain grow richer, hackers are waiting for opportunities at any time.

The relevant person in charge at PeckShield said: "The attack method itself has not changed; it has just moved from one chain to another. DeFi protocol developers should check their code after an attack. If you do not understand this, you should engage a professional audit institution to audit and research it, to prevent problems before they happen."
