Sub: Flashed Again ⚡- Reign of Flash Loans isn’t over ⚠️!
Japan’s Liquid Global Exchange Exploited for $90M in Crypto
Liquid Global, a regulated Japanese cryptocurrency exchange’s online hot wallets were hacked for an estimated $94M including $31Million in Ether, $5Million in Bitcoin and $13Million in XRP. $45M worth tokens connected to Ethereum blockchain were also stolen.
The hacker converted a few of the tokens to Ether cryptocurrency using decentralised peer-to-peer exchanges.
Pinecone Finance suffered a loss of 3,500,000 PCT tokens
Pinecone Finance protocol token (PCT), a yield optimizer protocol, was hacked when the Pinecone PCT pool pledge went online. The front-end was processing illegal characters, the hacker bypassed the front-end and called the smart contract directly through an ordinary account.
The hacker deposited PCT tokens greater than the net available balance. During the withdrawal process, a user can withdraw more tokens. Currency prices plunged. Total loss- 3,500,000 PCT tokens.
Flash-Loan attack on XSURGE DeFi for $5M
XSURGE DeFi, was attacked using a flash-loan attack on Binance Smart Chain (BSC) for $5Million. The cause of the hack was an error in the sell() function of the SURGE smart contract.
Ref Finance siphoned off for $3M+
Ref Finance, a collection of protocols powered by smart contracts on the NEAR blockchain, was hacked due to the patch of a recently deployed contract.
The issue was due to the abnormal behaviour of the REF-NEAR trading pair which was exploited by several users. Amount loss is $3M+.
Vulnerability Write-ups:
Postmortem of PCT Staking Contract by Pinecone Team.
DeFi Security:
Unlimited Approval in ERC20 Convenience and Security by Blocksec Team
hSecurity First in DeFi: How to use fantastic metrics to monitor your web3 projects by Binance.