Defi lender bZx Losses $55 Million as a Result of Phishing Attack

^(Source)

Evening

So another defi platform fall prey to exploitation, as DeFi lender bZx suffered a loss of $55 million on Friday according to blockchain security firm Slowmist. Surprisingly this wasn't a protocol breach, instead a private key controlling protocol’s deployment on Polygon and Binance Smart Chain got compromised due to a phishing emails sent to a developer's personal computer.

Autopsy of exploit revealed that it began with a phishing email sent to one of the developer's personal computer. The email contained malicious macro in a word file disguised as a legitimate attachment. The macro was able to run a script, compromising developer's personal mnemonic wallet phrase controlling the protocol’s deployment on Polygon and Binance Smart Chain.

25% of the stolen funds belong to team's personnel wallets. Apart from team's personal funds; lenders, borrowers and farmers with funds on BSC & Polygon are also affected.

As per bZx they are still working to determine total amount of funds stolen and are working with law enforcement to identify the hacker & recover lost funds.

It is pertinent to mention that this is not the first bZx got exploited. As last year bZx suffered three hacks losing approximately $18 million out of which only $8 million were recovered.

Posted Using LeoFinance ^Beta