2 Reasons Why Ethereum DeFi Hacker Returned $25 Million in Hacked Funds

The weekend saw an exploit of the dForce DeFi protocol which netted hackers $25 million worth of crypto. This consisted mostly of Ethereum and stablecoins, with Bitcoin bringing up the tail end of assets stolen.

But in a stunning turn of events, the attacker has since returned the stolen funds. Observers believe this was due to poor hacking practice that left his identity exposed.

Mostly Ethereum Stolen in dForce Attack

On Saturday night there was an attack of the Lendf.Me open-source market protocol, which is part of the dForce network of DeFi protocols.

dForce currently operates two protocols, the other one being USDx. This is a meta-stablecoin that is pegged against a basket of regulated stablecoins in USDC, PAX, and TUSD.

Like the crop of most DeFi protocols at present, Lendf.Me operates by matching the supply and borrowing of Ethereum-based ERC20 tokens. It allows users to deposit ERC20 stablecoins to earn interest or borrow supported assets using crypto as collateral.

The attack netted $10 million of Ethereum, $4.4 million Bitcoin, with the $10.4 million balance consisting of various stablecoins.

According to blockchain security researchers, PeckShield, the attacker exploited a bug in the lending function that approved the release of funds in collateral exchange for imBTC, a token which pegs Bitcoin and Ethereum.

“the deposit function, i.e., supply() in Lendf.Me is hooked by embedding an additional withdraw() operation, leading to the effect of increasing the internal record of the attacker’s imBTC collateral amount without actually depositing the amount.”

dForce DeFi protocol exploited to steal mainly Ethereum

Value locked in dForce in USD following the attack….

Source Link