Ethereum DeFi Hack – bZx Exploit Clearly Explained
The bZx decentralized finance (DeFi) lending protocol has been hacked twice in less than a week. The total losses from the two attacks amounted to about $ 954 thousand.
As a result of the second attack, the project lost 2388 ETH, or almost 650 thousand at the current exchange rate. According to bZx founder Kayal Kistner, the attacker’s actions look like manipulation of the oracle.
Although the fraud using flash credits and trading on crypto-exchanges does not affect the system, due to the recurrence of the incident, the team had to suspend the protocol to neutralize such activity..
According to technical experts, the attacker took out a loan of 7,500 ETH (almost $ 2 million), half of which he spent on the purchase of synthetic stablecoins sUSD, in order to use them as collateral for obtaining a loan. Then he used about 12% more ether to raise the sUSD rate on the Kyber Network trading platform from $ 1 to $ 2.
For the collateral that had increased in value, he took out a second loan for 6796 ETH, at the expense of which he not only repaid the first, but also kept 2378 ETH for himself..
Developers plan to prevent further loss of funds by switching to Chainlink platform oracles.
One of the main problems startups in the crypto industry is of high interest from hackers. In December, the Fund VeChain reported a buyback wallet hacked and tokens stolen for $ 6.6 million.
text: Ivan Malichenko, photo: jacksonllp