$450K worth of cryptocurrency stolen by ‘sophisticated’ hacker from DeFi Balancer Pool
Hackers exploited a weakness in a DeFi protocol.
Wed, 01 Jul 2020, 16:08 pm UTC
Decentralized finance (DeFi) liquidity provider Balancer Pool was attacked by a hacker on Sunday resulting in a loss of almost half a million dollars worth of cryptocurrency. Using a sophisticated method that exploited a loophole, the attacker was able to trick the protocol into releasing $450,000 worth of tokens.
The sophisticated hacker attacked two pools that each contained an Ethereum-based token with transfer fees, also known as deflationary tokens, Bitcoin.com reported. The incident happened on June 29, 2020, when the hacker targeted two pools containing Statera (STA) and STONK tokens.
The hacker or hackers then implemented a series of maneuvers to exploit a loophole in the protocol. As a result, the cybercriminals were able to make off with 601 ETH, 22,600 chainlink (LINK), 61 synthetix (SNX), and 11 wrapped bitcoin.
The total value of the tokens is around $451,000. Based on an analysis by DEX aggregator 1inch.exchange, the hacker automated multiple actions into one transaction by using a smart contract.
In the attack on the pool containing Statera tokens, the cybercriminal borrowed ETH worth $23 million in a flash loan from dYdX, a crypto-lending platform. The borrowed ETH was then converted into WETH (wrapped ETH), according to Balancer CTO Mike McDonald in a Medium post.
The attackers then traded WETH, against themselves, for STA, “an investment token that uses a transfer fee model and burns 1% of its value every time it’s traded,” according to Coindesk. They traded between WETH and STA in increasing amounts a total of 24 times.
“After enough calls, the attacker calls gulp() which syncs the internal pool accounting of a token balance to the actual balance as stored in the token tracker contract,” McDonald explained. “Because the balance of STA is close to zero, its price relative to the other tokens is extremely high and the attacker can now use STA to swap for other assets in the pool extremely cheaply.”
The attackers used a similar method with other tokens. Aside from WETH, they also used WBTC, LINK, and SNX, which were traded against Statera tokens.
The hackers hid their tracks well, suggesting that they are very knowledgeable about how things work. For instance, the ETH used to pay the transaction fees and deploy the smart contract passed through the Ethereum-based mixer service Tornado Cash, erasing its traceability.
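The accounting gap McDonald describes can be seen in a small simulation. The model below is an added example, not Balancer's code: a constructed two-token pool that keeps its own record of balances, a token that burns 1% on every transfer (the fee model the article attributes to STA), a `gulp()` that re-syncs the record to the real balance, and, beside the vulnerable accounting, the hardened form that credits only the amount that actually arrived. Pool sizes and trade amounts are illustrative, not figures from the incident.

```python
from fractions import Fraction as F

# Constructed pool model, not Balancer's code: STA burns 1% on every transfer
# (the fee model the article attributes to it); WETH does not.
BURN = {"WETH": F(0), "STA": F(1, 100)}


class Pool:
    def __init__(self, weth, sta, safe=False):
        self.recorded = {"WETH": F(weth), "STA": F(sta)}  # what the pool believes
        self.actual = dict(self.recorded)                   # what the token contracts hold
        self.safe = safe  # hardened: credit only the amount that actually arrived

    def spot_price(self, token):
        # Equal-weight constant-product price of `token` in units of the other token.
        other = "WETH" if token == "STA" else "STA"
        return self.recorded[other] / self.recorded[token]

    def swap(self, token_in, amount_in, token_out):
        received = amount_in * (1 - BURN[token_in])  # fee burned before arrival
        self.actual[token_in] += received
        # Vulnerable accounting trusts amount_in; the hardened form credits the
        # observed balance delta, so a fee-on-transfer token cannot skew the books.
        credited = received if self.safe else amount_in
        out = self.recorded[token_out] * credited / (self.recorded[token_in] + credited)
        self.recorded[token_in] += credited
        self.recorded[token_out] -= out
        self.actual[token_out] -= out
        return out

    def gulp(self, token):
        # Like gulp() in the article: re-sync internal accounting to the real balance.
        self.recorded[token] = self.actual[token]


def round_trips(pool, amounts):
    # Trade STA -> WETH -> STA with each amount; return recorded-minus-actual STA.
    for a in amounts:
        weth = pool.swap("STA", F(a), "WETH")
        pool.swap("WETH", weth, "STA")
    return pool.recorded["STA"] - pool.actual["STA"]


def simulate(safe):
    # Returns (STA drift, STA price before gulp, STA price after gulp).
    pool = Pool(100, 100_000, safe=safe)
    drift = round_trips(pool, [1_000 * 2**i for i in range(5)])  # increasing amounts
    before = pool.spot_price("STA")
    pool.gulp("STA")
    return drift, before, pool.spot_price("STA")
```

With the vulnerable accounting every round trip leaves the pool believing it holds 1% more STA than it really does, and the sync then reprices STA upward against WETH; with the hardened accounting the record and the real balance never diverge, so the sync changes nothing.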
“The person behind this attack was [a] very sophisticated smart contract engineer with extensive knowledge and understanding of the leading DeFi protocols,” 1inch said in its blog post.
Copyright © TokenPost. All Rights Reserved.