
Deus Finance Hacked AGAIN - Losses Total Over $16.5 Million

@l337m45732

All these DeFi hacks are looking a little sus to me...

Deus Finance's 2nd Hack in 2 months

I feel like it was just yesterday that I was reading about how $3 million was stolen from Deus Finance. It's funny because it might as well have been yesterday. This was only a month ago. Basically, a hacker was able to use a flash loan attack to exploit the contract that runs the protocol to siphon out $3 million. If you're not familiar with the term flash loan, check out this article from CoinDesk. Flash loans are uncollateralized crypto loans that are issued and paid back all within one single transaction. This is a controversial thing for many reasons, but it does actually have use-cases. Maybe we can talk about that in another post.

Fast forward only one month later to yesterday, and we are seeing the same exact thing happen again. Deus Finance was exploited once again, but this time for $13.4 million via yet another flash loan attack. You'd think that they would have re-worked the smart contract to avoid this happening again. The least they could have done was get a fresh audit and fix the issues.

Here's how this played out.

Keep in mind - this is all done in one single transaction so your average Joe isn't gunna be doing flash loan attacks. This is well thought out and very planned.

First - the flash loan itself is issued for $143 million USDC. Then that 143 million USDC is swapped on the market for 9.5 million DEI (the Deus Finance "stable coin"). This causes the price of DEI to be extremely high in comparison to where it should be. 71,436 DEI is used as collateral to borrow 17.2 million DEI (due to the highly manipulated price from the swap). Then the loan is repaid netting the attacker $13.4 million.

That's pretty damn slick if you ask me. The attacker literally used the loan to sweep the order books and inflate the price of DEI to borrow more than they should have been able to. Tricking the system into emptying its protocol liquidity. Oof.

Here's what the actual transaction looks like.

Immediately after the loan closed and the profit was sitting in the attacker's wallet, funds were siphoned out to Tornado Cash in chunks of 100 ETH. What the attacker is doing is trying to obfuscate the trail of where the stolen funds are going by using a mixing service.

Since we all know the blockchain doesn't lie, it's often easy to trace where funds are going to an extent. With the use of mixing services like Tornado Cash, though, it becomes much more difficult. The longer the funds sit in Tornado, the harder it becomes to trace them. Who knows how long the attacker is willing to wait. If it were me, I'd forget about it for as long as possible.

It's going to be very difficult to identify the attacker, but supposedly they have identified the attacker's Binance account. Rookie mistake using an exchange that makes you do know-your-customer (KYC) verification. If it truly is the attacker's account, they have their name, address, ID and everything necessary to pursue legal action. I sincerely hope they do.

Don't let us down, Cyber Action Fraud Police of England. We're counting on you. This is why it's always important to do your research before using a DeFi platform. Could the same thing be done to other platforms? Probably. This is why it's of the utmost importance to check the smart contracts for potential bugs with a fine-toothed comb.

This attack could have been avoided if the price oracle for DEI was able to gather price data in a different way. Don't ask me how - I'm not a dev. Either way though....

Stay safe out there frens, it's the wild west in crypto land.

Thanks for reading! Much love.
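
On the price oracle point above, here is an added example (not from the original post and not Deus Finance's code). It is a toy constant-product pool with constructed reserves and a constructed 50% loan-to-value, comparing collateral priced at the pool's spot price against a time-weighted average price (TWAP) with a deviation check, which is one common way to make a lending oracle resistant to a single-transaction price swing. All class and function names are hypothetical.

```python
from dataclasses import dataclass

@dataclass
class Pool:
    """Constant-product USDC/DEI pool, no fees. Reserves are constructed."""
    usdc: float
    dei: float
    cumulative: float = 0.0  # running sum of price * seconds (TWAP accumulator)
    last_ts: int = 0

    def spot(self) -> float:
        return self.usdc / self.dei  # USDC per DEI

    def tick(self, now: int) -> None:
        # Credit the price that was in force since the last update.
        self.cumulative += self.spot() * (now - self.last_ts)
        self.last_ts = now

    def buy_dei(self, usdc_in: float, now: int) -> float:
        self.tick(now)
        k = self.usdc * self.dei
        self.usdc += usdc_in
        dei_out = self.dei - k / self.usdc
        self.dei -= dei_out
        return dei_out

def twap(pool: Pool, start_cum: float, start_ts: int, now: int) -> float:
    pool.tick(now)
    return (pool.cumulative - start_cum) / (now - start_ts)

def guarded_price(spot: float, avg: float, max_dev: float = 0.05) -> float:
    """Price collateral at the TWAP; refuse if spot has run away from it."""
    if abs(spot - avg) / avg > max_dev:
        raise ValueError(f"spot {spot:.2f} deviates from TWAP {avg:.2f}")
    return avg

def max_borrow(collateral_dei: float, price: float, ltv: float = 0.5) -> float:
    return collateral_dei * price * ltv

def scenario() -> dict:
    pool = Pool(usdc=10_000_000, dei=10_000_000)  # constructed: 1 DEI = 1 USDC
    pool.buy_dei(90_000_000, now=1800)            # one huge buy after 30 quiet minutes
    spot, avg = pool.spot(), twap(pool, 0.0, 0, now=1800)
    collateral = 71_436                           # DEI collateral figure from the post
    return {"spot": spot, "twap": avg,
            "borrow_at_spot": max_borrow(collateral, spot),
            "borrow_at_twap": max_borrow(collateral, avg)}

if __name__ == "__main__":
    print(scenario())
```

A swing that happens inside one transaction gets zero time weight in the TWAP, so the averaged price stays at 1.00 while spot reads 100. A TWAP can still be moved by manipulation sustained across the averaging window, so the window length and the deviation threshold both matter.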



Posted Using LeoFinance Beta