This Week in Hacks
BadgerDAO exploited for $120.3 Million
BadgerDAO, a yield vault protocol, suffered a front-end exploit for $120.3 Million in various cryptocurrencies from the vault. BadgerDAO received various complaints of unauthorised access to user accounts which the team immediately started investigating.
The protocol experienced an issue with the website front-end. All contracts are paused. As a result, $BADGER token is down 17.33% at the time of writing.
MonoX Flash Loaned for $31 Million
MonoX, single sided liquidity pools for tokens, became yet another victim of flash loans in the era of ever growing attacks. $31 Million worth of tokens were stolen on Polygon and Ethereum blockchain.
The attacker currently holds all the stolen tokens in his wallet. Stolen tokens include MATIC, ETH, LINK,WBTC, WETH, GHST, DUCK, MIM, IMX.
Borealis Finance a yield farming project on AVAX Blockchain Soft Rugged
Borealis Finance, a yield farming project on Avalanche blockchain was found soft-rugging the investors as the masterChef owner created a new pool with high allocation points and new tokens that the owners are farming and dumping.
The total value locked in the project is slightly above $7,000. The developer team shows no development activity or response to the audience.
Visor Finance was exploited through a Flash Loan vulnerability
Visor Finance, DeFi protocol for liquidity management, was updated of a flashloan vulnerability which was exploited by an attacker but the team’s behaviour acknowledging the issue caused outrage on Twitter.
Critical Vulnerability Spotted in the dYdX protocol
dYdX protocol, a non-custodial DEX on the Ethereum blockchain patched a potential critical vulnerability which could have drained locked funds.
The critical vulnerability was reported by white-hat hacker Samcuzn to the dYdX team. No funds were lost in the event. The affected funds of 700 accounts ($2 Million) were diverted to an escrow smart contract for the recovery process.
Lever protocol smart contract was Flashed Loaned recently
Lever, a margin trading platform, became another victim of flash loans. According to the official report, the Lever protocol smart contract was attacked with 2,100 BNB from PancakeSwap and deposited 2,000 BNB in the Lever BNB vault. Lost tokens include ETH, BAKE, DOT, DAI, XVS, USDT, BTC, WBNB. The total loss is above $652K.
To the Numerophiles out there 🔢
$7.5 Million NFT Collection Accused of Using Art Without Permission.
Source: here
More From the Editor’s Desk
DeFi had been the flagbearer of the crypto boom in 2020 and the heat refused to die down through 2021 as well. With more and more people flushing their funds into yield farming, DeFi continues to be in the long run.
Smart contracts have come off as a ground-breaking revelation. However, there is another side of the coin as well. Smartcontracts have proven to be the weak link in the DeFi ecosystem.
To protect a DeFi project from vulnerabilities, conducting a thorough check of the contract is imperative. Automatic as well as manual audit needs to be conducted in tandem to make the audit as thorough and accurate as possible.
Click the link below to sail through the - “7 Biggest Challenges with DeFi Smart Contract Audits Today”.