Macauley Peterson

DeFi stalwart <a href="https://blockworks.co/tag/yearn-finance">Yearn Finance</a> was the target of a dizzyingly complex attack early Thursday that resulted in a roughly $11.6 million stablecoin haul for the culprit.&nbsp;



But the root cause dates back over three years, to a version of the savings protocol that has long since been officially abandoned.



At least $8 million in stablecoins remains in the hacker’s control, most of which has been swapped to DAI, with the remaining millions exchanged for ether (ETH) and partially passed to crypto mixer Tornado Cash in an effort to obfuscate its origin.



Yearn’s YFI governance token initially fell by roughly 5% on the news, but remains up nearly 80% year-to-date, <a href="https://www.coingecko.com/en/coins/yearn-finance">data</a> from CoinGecko shows.



Yearn’s official Twitter <a href="https://twitter.com/iearnfinance/status/1646436798086672385" target="_blank" rel="noreferrer noopener">confirmed</a> the exploit, noting that the affected vault is “an immutable contract predating YFI, [that] was deprecated in 2020.”



The attacker was able to take advantage of a vulnerability in the deployment of one of the early Yearn vaults involving tether (USDT) deposits, which receive a Yearn-equivalent token yUSDT, according to security researchers <a href="https://twitter.com/osec_io/status/1646411673299996673?s=20">Otter Sec</a>, s<a href="https://twitter.com/samczsun/status/1646404331967778820?s=20">amczsun</a> and <a href="https://twitter.com/peckshield/status/1646411259125063686?s=20">Peckshield</a>.



Using starting capital of just 10,000 USDT, the perpetrator was able to mint over 1.2 quadrillion yUSDT and then swap those for other stablecoins via Curve Finance to extract a total of $11.6 million.



<figure class="wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter"><div class="wp-block-embed__wrapper">
<blockquote class="twitter-tweet" data-width="550" data-dnt="true">It appears the root cause is due to the misconfigured yUSDT, which is exploited to mint huge yUSDT (1,252,660,242,212,927.5) from a small $10K USDT. The huge yUSDT is then cashed out by swapping to other stable coins. <a href="https://t.co/Qz3vwtbcot">https://t.co/Qz3vwtbcot</a> <a href="https://t.co/xlsc2Nlmle">pic.twitter.com/xlsc2Nlmle</a>&mdash; PeckShield Inc. (@peckshield) <a href="https://twitter.com/peckshield/status/1646411259125063686?ref_src=twsrc%5Etfw">April 13, 2023</a></blockquote><script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
</div></figure>



The attack vector is linked to an apparent oversight from February 2020, when the yUSDT token contract was <a href="https://twitter.com/samczsun/status/1646404331967778820?s=20">deployed</a> with a bug.&nbsp;



<figure class="wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter"><div class="wp-block-embed__wrapper">
<blockquote class="twitter-tweet" data-width="550" data-dnt="true">It seems like the iearn USDT token (yUSDT) has been broken since deploy, which was *checks notes* over 1000 days ago. It was misconfigured to use the Fulcrum iUSDC token instead of the Fulcrum iUSDT token.<a href="https://t.co/FMtjACkGNz">https://t.co/FMtjACkGNz</a> <a href="https://t.co/dxW9E0ndF1">pic.twitter.com/dxW9E0ndF1</a>&mdash; samczsun (@samczsun) <a href="https://twitter.com/samczsun/status/1646404331967778820?ref_src=twsrc%5Etfw">April 13, 2023</a></blockquote><script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
</div></figure>



The detail identified by Samczsun regarding an apparent &#8220;misconfiguration&#8221; is notable, according to Ernesto Garcia, Smart Contract Engineer at OpenZeppelin.



&#8220;It seems weird to me that the Fulcrum iUSDC address is hard-coded,&#8221; Garcia told Blockworks. “If the contract went through a review, it was either an oversight (everyone assuming the correct address), or might’ve been changed before deployment as some tweets out there suggest.”



Garcia suggested that <a href="https://t.yesware.com/tt/252a1dc1b77e7be51bd66e941fd1524918eea58e/1a60fbe2d305cf2e708367f1e0c08e38/e94e47d69f2a91992ca74b120202aa20/blog.openzeppelin.com/improved-security-through-bytecode-verification/">bytecode verification</a> against the audited code from the time would determine whether there was any deliberate tampering.



Aside from the age of the bug, the execution of this attack required multiple steps, three different DeFi protocols, including Aave and <a href="https://blockworks.co/tag/flash-loans">a flash loan</a>.



<figure class="wp-block-image size-large"><img decoding="async" loading="lazy" width="1280" height="697" src="https://blockworks-co.imgix.net/wp-content/uploads/2023/04/Peckshield.jpeg?w=1024&amp;h=1024" alt="" class="wp-image-52056" srcset="https://blockworks-co.imgix.net/wp-content/uploads/2023/04/Peckshield.jpeg?w=1280 1280w, https://blockworks-co.imgix.net/wp-content/uploads/2023/04/Peckshield.jpeg?w=300 300w, https://blockworks-co.imgix.net/wp-content/uploads/2023/04/Peckshield.jpeg?w=1024 1024w, https://blockworks-co.imgix.net/wp-content/uploads/2023/04/Peckshield.jpeg?w=768 768w, https://blockworks-co.imgix.net/wp-content/uploads/2023/04/Peckshield.jpeg?w=428 428w, https://blockworks-co.imgix.net/wp-content/uploads/2023/04/Peckshield.jpeg?w=470 470w, https://blockworks-co.imgix.net/wp-content/uploads/2023/04/Peckshield.jpeg?w=389 389w, https://blockworks-co.imgix.net/wp-content/uploads/2023/04/Peckshield.jpeg?w=80 80w" sizes="(max-width: 1280px) 100vw, 1280px" /><figcaption class="wp-element-caption">Diagram of the flow of funds; Source: <a href="https://twitter.com/peckshield/status/1646421063176450048" target="_blank" rel="noreferrer noopener">Peckshield</a></figcaption></figure>



Aave itself is unaffected, meaning its users are not at risk, <a href="https://twitter.com/peckshield/status/1646412503583432704?s=20">according</a> to Peckshield, nor are users of more recent Yearn vaults.



The unknown attacker converted $1.2 million USDT to 621 ETH, and used exploited <a href="https://blockworks.co/price/tusd">TUSD</a> stablecoin as collateral in Aave V2 <a href="https://etherscan.io/tx/0x297d0a87f20c8e4753663a4548c9e69e2086b18aaf48520f07561cd396f97088">to borrow</a> a further 320 ETH ($640,000). Much of that ether has been deposited into the Tornado Cash 100 ETH anonymity set, blockchain records <a href="https://debank.com/profile/0x16af29b7efbf019ef30aae9023a5140c012374a5/history">show</a>.



A separate <a href="https://debank.com/profile/0x6f4a6262d06272c8b2e00ce75e76d84b9d6f6ab8">wallet</a> linked to the first received over 4.7 million DAI and 2.5 million USDC, with the latter swapped to DAI, where it remains as of 9:30 am ET.



Hackers prefer DAI and ETH over USDC and USDT because the centralized stablecoins from Circle and Tether are more easily frozen, preventing further transfer.



<hr class="wp-block-separator">
Get the day’s top crypto news and insights delivered to your email every evening.&nbsp;<a href="https://cms.blockworks.co/newsletter/?source=end" target="_blank" rel="noreferrer noopener">Subscribe to Blockworks’ free newsletter</a>&nbsp;now.
 
Want alpha sent directly to your inbox? Get degen trade ideas, governance updates, token performance, can’t-miss tweets and more from&nbsp;<a href="https://blockworks.co/newsletter/research" target="_blank" rel="noreferrer noopener">Blockworks Research&#8217;s Daily Debrief</a>.
 
Can&#8217;t wait? Get our news the fastest way possible.&nbsp;<a href="https://t.me/blockworks_news" target="_blank" rel="noreferrer noopener">Join us on Telegram</a> and follow us on <a href="https://news.google.com/publications/CAAqBwgKMPyTxgswn6_dAw" target="_blank" rel="noreferrer noopener">Google News</a>.
<hr class="wp-block-separator">

Yearn Finance Exploit Points to Dangers of Old Smart Contracts

Sebastian Sinclair

<div id="highlights-block_634655ddb3f28" class="highlights">
 <ul>
 <li>Mango is currently investigating an exploit of the oracle price feeds for its own governance token</li>
 <li>The hacker responsible is asking DAO members to vote on a proposal that would return a portion of the stolen funds</li>
 </ul>
 
</div>



Mango Markets, a decentralized finance trading platform on the Solana blockchain, said Tuesday it was investigating a hack worth approximately $112 million in digital assets.



Mango said the hacker was able to drain funds from its platform utilizing a technique known as oracle price manipulation — a form of economic attack that has hit other DeFi protocols before.



The actor managed to withdraw various digital assets — mostly stablecoins, including $53.7 million in USD Coin (USDC) and $3.2 million in tether (USDT) — but also solana (SOL).



In an unusual twist, they’re <a href="https://app.realms.today/dao/DPiH3H3c7t47BMxqTxLsuPQpEC6Kne8GA9VXbxpnZxFE/proposal/3WZ5DpZXDvNAK4JwPS1HDPzSinEJUGpBC4XXx9vPtnVS" target="_blank" rel="noreferrer noopener">proposing to return</a> a portion of the stolen funds, namely Marinade-staked solana (MSOL), native SOL and the platform’s own MNGO governance token. The rest the culprit claims as a “bounty.”



That is, of course, if Mango’s DAO community votes yes on the thief&#8217;s proposal.



<blockquote class="wp-block-quote">“By voting for this proposal, mango token holders agree to pay this bounty and pay off the bad debt with the treasury, and waive any potential claims against accounts with bad debt, and will not pursue any criminal investigations or freezing of funds once the tokens are sent back as described above,” <a href="https://app.realms.today/dao/DPiH3H3c7t47BMxqTxLsuPQpEC6Kne8GA9VXbxpnZxFE/proposal/3WZ5DpZXDvNAK4JwPS1HDPzSinEJUGpBC4XXx9vPtnVS" target="_blank" rel="noreferrer noopener">the attacker wrote</a> on the protocol’s governance forum.</blockquote>



The hacker is requesting Mango use its treasury stash of 70 million USDC to repay “bad debt.” This debt derives from an <a href="https://cms.blockworks.co/solana-lending-protocol-faces-governance-conundrum/" target="_blank" rel="noreferrer noopener">incident</a> in June when the Mango community <a href="https://twitter.com/dadadadaffy/status/1539219965492047874" target="_blank" rel="noreferrer noopener">teamed up</a> with another Solana-based lending and borrowing protocol, Solend, to deal with a systemic risk caused by a single large borrower, at risk of liquidation, that put the entire Solana DeFi ecosystem in jeopardy.



The Mango DAO, or stewards of the protocol, should also not pursue any criminal investigations or freeze the attacker’s funds — via centralized stablecoins such as USDC and USDT — once the cryptoassets are returned.



But not all the assets will be returned; while a definitive amount for the bounty was not given, it can be assumed from the tokens omitted from the initial hack that the attacker is requesting to keep well over half of what they stole — substantially more than most “white hat” hackers or <a href="https://cms.blockworks.co/?s=bounty" target="_blank" rel="noreferrer noopener">bug bounty hunters</a> typically receive.



Still, Mango DAO members have so far voted in favor of the hacker’s proposal, with a 99.9% &#8220;yes&#8221; rate from roughly 33 million MNGO tokens — although just a single wallet address is responsible for the lion’s share of the vote. As DAOs go, this one is extremely centralized, with most governance votes being decided by just a handful of addresses.


<div class="wp-block-image">
<figure class="aligncenter is-resized"><img decoding="async" loading="lazy" src="https://lh4.googleusercontent.com/trU04t8jB7XWOD5WPANIn0V_WPQT9lauwb9qncu5j5DiqXFcACTG5GnxwVX3aFRxjwWcmRqTw-RJNNqsciFHU-Ycmi9pB30ehCiUrNjW1T8QOx2lWDsJ2FpZsuV601NVd5CGhPTavLBePiORAbewOcsAbqK2anQML0oV2M7H27yoxDpbwXPjOwkf3Q" alt="" width="800" height="276"/><figcaption>The top voters holding the bulk of MNGO tokens | Source: <a href="https://app.realms.today/dao/DPiH3H3c7t47BMxqTxLsuPQpEC6Kne8GA9VXbxpnZxFE/proposal/3WZ5DpZXDvNAK4JwPS1HDPzSinEJUGpBC4XXx9vPtnVS/explore" target="_blank" rel="noreferrer noopener">Mango governance vote</a></figcaption></figure></div>


A further 67 million yes votes are required for the proposal to pass a quorum threshold during the three-day voting period.



<h3 class="wp-block-heading">Price oracle manipulation</h3>



While the consultation and investigation continue, the platform’s stewards have requested users to cease depositing assets until the situation becomes clearer.



Dapps such as Mango rely on oracles to pull on-chain data for specific tokens. Manipulation occurs when protocols such as data feeds are corrupted, allowing transactions that were not intended.



In the case of Mango, the attacker was able to manipulate their collateral value via the platform before taking out “massive loans” totaling $112,199,876 from Mango’s treasury, security auditing firm <a href="https://twitter.com/osec_io/status/1579969927020412929" target="_blank" rel="noreferrer noopener">OtterSec reported</a> on Twitter.



OtterSec founder Robert Chen confirmed the figure to Blockworks who said the price manipulation was suspected to have occurred on centralized exchanges which Mango used to reference the value of the collateral.



MNGO’s price briefly spiked about 300% to $0.15 in the space of 10 minutes on the FTX exchange, then dropped 88% to under $0.02 following the attack.


<div class="wp-block-image">
<figure class="aligncenter is-resized"><img decoding="async" loading="lazy" src="https://lh3.googleusercontent.com/Ex0Qf7G_cCBVpkcvRInuxhu6D3qAr4Ujh6pQ5uwR_z0s6DxDKHHtistpPfC_lSxNUiHbLG26TMBk51UqyxFtY-glvT72k50Y4emXTJeVPLovBlZN5HHwiBkaWtMjmiHZJpi_SxABEv5w_bQ9b8Sb3L5q2u1yChE0dwG2926O21huIBRc2IJCzQ2mfg" alt="" width="800" height="500"/><figcaption>The MNGO/USD market on FTX, 1-minute time frame | Source: TradingView</figcaption></figure></div>


Solana developer Tom Geshury was credited with being the first to bring the hack to the security auditing firm’s attention.



Geshury told Blockworks the hacker used $10 million to self-trade Mango perpetual contracts and then an estimated $3 million to pump the price of MNGO and execute the plan, before market participants got wind of the scheme and began dumping their tokens.



Mango Markets is <a href="https://docs.mango.markets/tutorials/trading-on-mango" target="_blank" rel="noreferrer noopener">an interface to margin trade</a> on the Serum DEX, which is backed by the crypto arm of trading giant Jump Capital. Jump Crypto’s president Kanav Kariya also confirmed the mechanism at play in the exploit.



<figure class="wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter"><div class="wp-block-embed__wrapper">
<blockquote class="twitter-tweet" data-width="550" data-dnt="true">Jesus, the attacker pumped and dumped the mango token, which is a thinly traded token. Oracles just report the price. Pyth/Switchboard accurately reported the prevailing prices on exchanges&mdash; Kanav Kariya (@KanavKariya) <a href="https://twitter.com/KanavKariya/status/1579986625060573184?ref_src=twsrc%5Etfw">October 12, 2022</a></blockquote><script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
</div></figure>



Mango has released a <a href="https://twitter.com/mangomarkets/status/1579979342423396352?s=20&amp;t=UHiIdt-zGgX-qsdd8kfG6w" target="_blank" rel="noreferrer noopener">statement</a> saying it is taking steps to have third parties freeze funds in flight.



<blockquote class="wp-block-quote">“We will be disabling deposits on the front end as a precaution and will keep you updated as the situation evolves,” the group <a href="https://twitter.com/mangomarkets/status/1579979342423396352" target="_blank" rel="noreferrer noopener">said via Twitter</a>.</blockquote>



Blockworks attempted to contact several admins on the Mango Discord channel but was unsuccessful.



A number of protocols have been hit by such attacks this year alone, including DeFi platform Inverse Finance for <a href="https://halborn.com/explained-the-inverse-finance-hack-june-2022/" target="_blank" rel="noreferrer noopener">$5.8 million</a> in June and stablecoin lending platform Fortress Protocol for <a href="https://www.stealthlabs.com/news/fortress-protocol-lost-usd-3-mn-in-oracle-price-manipulation-attack/" target="_blank" rel="noreferrer noopener">$3 million</a> in May.



The attack against Mango comes less than a week after Binance’s own network, BNB Chain, was targeted for <a href="https://cms.blockworks.co/binance-pauses-trading-of-native-token/" target="_blank" rel="noreferrer noopener">hundreds of millions of dollars</a> via a cross-chain bridge exploit. The amount stolen was <a href="https://www.bnbchain.org/en/blog/bnb-chain-a-decentralized-response/" target="_blank" rel="noreferrer noopener">contained to about $100 million</a>.



<hr class="wp-block-separator">
Get the day’s top crypto news and insights delivered to your email every evening.&nbsp;<a href="https://cms.blockworks.co/newsletter/?source=end" target="_blank" rel="noreferrer noopener">Subscribe to Blockworks’ free newsletter</a>&nbsp;now.
 
Want alpha sent directly to your inbox? Get degen trade ideas, governance updates, token performance, can’t-miss tweets and more from&nbsp;<a href="https://blockworks.co/newsletter/research" target="_blank" rel="noreferrer noopener">Blockworks Research&#8217;s Daily Debrief</a>.
 
Can&#8217;t wait? Get our news the fastest way possible.&nbsp;<a href="https://t.me/blockworks_news" target="_blank" rel="noreferrer noopener">Join us on Telegram</a> and follow us on <a href="https://news.google.com/publications/CAAqBwgKMPyTxgswn6_dAw" target="_blank" rel="noreferrer noopener">Google News</a>.
<hr class="wp-block-separator">

Mango Markets Mangled by Oracle Manipulation for $112M

Shalini Nagarajan

<div id="highlights-block_63298f8951bb3" class="highlights">
 <ul>
 <li>A bug in vanity address generator Profanity suspected as attack vector, security experts say</li>
 <li>Stablecoins, the vast majority of the funds, have been deposited to Curve Finance, likely to evade blacklisting</li>
 </ul>
 
</div>



Liquidity provider Wintermute, which provides liquidity across most CeFi and DeFi exchanges, has suffered a major setback in a second security-based incident this year.&nbsp;&nbsp;



CEO Evgeny Gaevoy disclosed in a <a href="https://twitter.com/EvgenyGaevoy/status/1572134271011225601" target="_blank" rel="noreferrer noopener">Twitter thread</a> on Tuesday that the platform encountered a $160 million breach in its decentralized finance (DeFi) operations. The firm’s CeFi operations and over-the-counter services weren’t affected, he said.



Gaevoy indicated Wintermute remains solvent, with $320 million in equity left after the hack. Users can expect the platform to face disruptions over the next few days until operations return to normal.&nbsp;



The CEO said the firm is &#8220;open to&#8221; treating the situation as a white hat, referring to hackers that just test vulnerabilities in a system, as compared to malicious hackers. It’s not known whether that is the hacker&#8217;s intent.



<figure class="wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter"><div class="wp-block-embed__wrapper">
<blockquote class="twitter-tweet" data-width="550" data-dnt="true">We are (still) open to treat this a s a white hat, so if you are the attacker – get in touch&mdash; wishful cynic (@EvgenyGaevoy) <a href="https://twitter.com/EvgenyGaevoy/status/1572134291382960130?ref_src=twsrc%5Etfw">September 20, 2022</a></blockquote><script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
</div></figure>



Wintermute is among the largest crypto liquidity providers dedicated to crypto market making for exchanges including Binance and Coinbase.



The hack is already having knock-on effects, such as the <a href="https://twitter.com/bebop_dex/status/1572157679216525319" target="_blank" rel="noreferrer noopener">pausing of trading</a> on Bebob, an upstart DeFi dex using Wintermute&#8217;s market making services.



Tuesday’s incident marks the second time the firm was involved with a hack this year. In June, a hacker stole 20 million Optimism tokens by exploiting a <a href="https://cms.blockworks.co/20m-tokens-lost-as-market-maker-wintermute-takes-blame/" target="_blank" rel="noreferrer noopener">failed transaction</a> with Wintermute.



<h3 class="wp-block-heading">Security experts point to a known bug&nbsp;as Wintermute hack vector</h3>



Mudit Gupta, chief security officer at Polygon, guessed <a href="https://twitter.com/Mudit__Gupta/status/1572150289943363589" target="_blank" rel="noreferrer noopener">in a tweet</a> that the hack was a result of a hot wallet compromise due to the <a href="https://blog.1inch.io/a-vulnerability-disclosed-in-profanity-an-ethereum-vanity-address-tool-68ed7455fc8c" target="_blank" rel="noreferrer noopener">Profanity bug</a> uncovered by 1inch contributors last week. 1inch had warned that wallet addresses generated using the Profanity tool were at risk of compromise.



“If you used Profanity to get a vanity smart contract address, make sure to change the owners of that smart contract,” 1inch staff wrote in a Sept. 15 <a href="https://blog.1inch.io/a-vulnerability-disclosed-in-profanity-an-ethereum-vanity-address-tool-68ed7455fc8c" target="_blank" rel="noreferrer noopener">blog post</a>.



The contributors noted that Profanity’s popularity didn’t mean it wasn’t without defect, and that its vulnerability enabled hackers to “secretly” steal tens of millions of dollars from users’ wallets.



<blockquote class="wp-block-quote">“It’s not a simple task, but at this point it looks like tens of millions of dollars in cryptocurrency could be stolen, if not hundreds of millions,” they said in the post.</blockquote>



The <a href="https://debank.com/profile/0xe74b28c2eae8679e3ccc3a94d5d0de83ccb84705" target="_blank" rel="noreferrer noopener">Ethereum address</a> associated with the Wintermute hack held nearly $13 million in wrapped bitcoin (WBTC) and $9.3 million in ETH, among other tokens including matic, DYDX and FTX tokens as of 6:15 am ET on Tuesday.



Most of the stolen funds — $114 million in USDC and USDT stablecoins — have been moved to Curve Finance flagship “3Crv” liquidity pool. That may make it harder for centralized stablecoin issuers Circle and Tether to freeze the tokens, as they are commingled within the $869 million pool.



A Tether spokesperson told Blockworks that the firm is ready to collaborate in any investigation that law enforcement will initiate to help in the recovery of such funds.



Gaevoy didn’t specify when the hack took place or how it happened. In a <a href="https://twitter.com/EvgenyGaevoy/status/1572329658636537857">later tweet</a>, he offered the hacker a 10% bounty on the funds if returned. Wintermute and Circle didn’t return Blockworks’ request for comment by press time.



This story was updated on Sept. 20 at 11:42 pm ET.



<hr class="wp-block-separator">
Get the day’s top crypto news and insights delivered to your email every evening.&nbsp;<a href="https://cms.blockworks.co/newsletter/?source=end" target="_blank" rel="noreferrer noopener">Subscribe to Blockworks’ free newsletter</a>&nbsp;now.
 
Want alpha sent directly to your inbox? Get degen trade ideas, governance updates, token performance, can’t-miss tweets and more from&nbsp;<a href="https://blockworks.co/newsletter/research" target="_blank" rel="noreferrer noopener">Blockworks Research&#8217;s Daily Debrief</a>.
 
Can&#8217;t wait? Get our news the fastest way possible.&nbsp;<a href="https://t.me/blockworks_news" target="_blank" rel="noreferrer noopener">Join us on Telegram</a> and follow us on <a href="https://news.google.com/publications/CAAqBwgKMPyTxgswn6_dAw" target="_blank" rel="noreferrer noopener">Google News</a>.
<hr class="wp-block-separator">

Wintermute Whacked by $160M Hack Exploiting Known Vulnerability

<div id="highlights-block_6318600a68459" class="highlights">
 <ul>
 <li>The flash loan is said to have generated hundreds of thousands of dollars worth of USDC for the attacker</li>
 <li>DEX Trader Joe, staking platform Nereus Finance and AMM Curve Finance are believed to have been affected</li>
 </ul>
 
</div>



A flash loan attack on the <a href="https://cms.blockworks.co/tag/avalanche/" target="_blank" rel="noreferrer noopener">Avalanche</a> blockchain has extracted $370,000 in USDC from a smart contract, as well as several liquidity providers, blockchain cybersecurity firm CertiK said Tuesday.



Decentralized exchange Trader Joe, staking platform Nereus Finance and automated market maker Curve Finance are thought to have been impacted, the firm said in a <a href="https://twitter.com/CertiKAlert/status/1567314528357990401?s=20&amp;t=H0Sq29gTMSLHgPJHZYaMWw" target="_blank" rel="noreferrer noopener">tweet</a>.



A flash loan exploit is an abuse of a smart contracts security whereby a nefarious actor typically borrows uncollateralized funds from a lending protocol and manipulates the price of a given asset, driving up its value.&nbsp;



Because of the nature of a flash loan, the attacker then sells back the borrowed capital in the same transaction after they’ve managed to arbitrage the asset, pocketing the difference.



The attack, executed around 3:26 pm ET on Tuesday, was picked up by CertiK’s on-chain security software Skynet which actively monitors and displays suspicious smart contract data online.



Blockworks attempted to contact CertiK and Avalanche but did not receive a response by press time. The identity of the attacker, as in the majority of cases involving flash loan exploits, remains unknown.



Avalanche, a layer-1 smart contract platform built by Singapore-based Ava Labs, has risen to prominence in recent years, having grown to become a top 20 crypto in market cap terms.



Compatible with Ethereum, the Avalanche network consists of an ecosystem of decentralized application as well as staking initiatives via its proof-of-stake consensus mechanism.



Flash loans have been involved in several high-profile crypto heists before, including the third-largest of 2022, when DeFi dapp <a href="https://cms.blockworks.co/the-nine-largest-crypto-hacks-in-2022/" target="_blank" rel="noreferrer noopener">Beanstalk lost</a> $182 million.



<hr class="wp-block-separator">
Get the day’s top crypto news and insights delivered to your email every evening.&nbsp;<a href="https://cms.blockworks.co/newsletter/?source=end" target="_blank" rel="noreferrer noopener">Subscribe to Blockworks’ free newsletter</a>&nbsp;now.
 
Want alpha sent directly to your inbox? Get degen trade ideas, governance updates, token performance, can’t-miss tweets and more from&nbsp;<a href="https://blockworks.co/newsletter/research" target="_blank" rel="noreferrer noopener">Blockworks Research&#8217;s Daily Debrief</a>.
 
Can&#8217;t wait? Get our news the fastest way possible.&nbsp;<a href="https://t.me/blockworks_news" target="_blank" rel="noreferrer noopener">Join us on Telegram</a> and follow us on <a href="https://news.google.com/publications/CAAqBwgKMPyTxgswn6_dAw" target="_blank" rel="noreferrer noopener">Google News</a>.
<hr class="wp-block-separator">

Avalanche Flash Loan Attack Nets $370K

David Canellis

<div id="highlights-block_62e907e74b5d3" class="highlights">
 <ul>
 <li>The Nomad incident is the third-biggest cryptocurrency hack of the year, behind Wormhole and Ronin</li>
 <li>Around 41 addresses siphoned cryptocurrency from the protocol</li>
 </ul>
 
</div>



Token bridge Nomad has suffered a “frenzied free-for-all” after attackers raided the protocol for more than $190 million in cryptocurrency.



Nomad, which marketed itself as a “security-first” platform for sending ERC-20 tokens between compatible blockchains, confirmed the raid in a Tuesday morning tweet.



&#8220;Nomad identified an attack on its token bridge on August 1 at approximately 5:32 PM Eastern Time (ET),&#8221; the company said in a statement emailed to Blockworks. &#8220;An investigation is ongoing and leading firms for blockchain intelligence and forensics have been retained. Nomad has notified law enforcement and is working around the clock to address the situation and provide timely updates.&#8221;



The incident differs from other large-scale hacks to cripple token bridges this year. Token bridges enable crypto users to port digital assets over networks by first locking them inside a smart contract.&nbsp;



The bridge then issues a derivative token, a “wrapped asset,” on the other side, with their values backed by their original deposits. Nomad supports Ethereum, Avalanche, Evmos and Moonbeam.



February’s Wormhole hack saw attackers exploit buggy smart contract code to mint themselves $320 million in Wrapped Ether without posting the required collateral.&nbsp;



The Axie Infinite Ronin bridge attack, disclosed in March, involved a months-long phishing campaign to acquire private keys associated with its multisig wallet, which resulted in some $625 million in crypto stolen (both incidents valued at the time of the attack).



But Sam Sun, head of security at digital asset investment firm Paradigm, explained in a Twitter thread that Nomad’s thieves didn’t need to know anything about the Ethereum programming language Solidity to make off with user collateral.



<h3 class="wp-block-heading">Rari Capital hacker returned to raid Nomad</h3>



Nomad’s developers had accidentally pushed a routine upgrade which told the protocol to process any transaction with the default root hash of “0x00,” where usually blockchain networks require a unique and specific root as proof that the transaction is valid.



This meant Nomad would effectively approve any transaction submitted to the protocol. After an attacker realized and initiated large illicit transfers, other users simply copy-pasted their transaction script and replaced the receiver address with their own, explained Victor Young, chief architect at interoperability network Analog.



To Young, a key advantage of smart contract platforms, like the ones powering Nomad, is that they are Turing-complete systems. They can compute &#8220;virtually everything a modern digital computer can do from a mathematical standpoint,&#8221; Young said.



&#8220;Unfortunately, this introduces countless and unknown attack vectors that open the smart contract to hacks,&#8221; Young told Blockworks. &#8220;When you combine this with lax developers that fail to implement a robust set of testing mechanisms, you get the ridiculous meltdown that we are currently witnessing.”



<figure class="wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter"><div class="wp-block-embed__wrapper">
<blockquote class="twitter-tweet" data-width="550" data-dnt="true">Nomad exploit onchain activity, visualized. <a href="https://t.co/WqjcbQfWKW">pic.twitter.com/WqjcbQfWKW</a>&mdash; Hsaka (@HsakaTrades) <a href="https://twitter.com/HsakaTrades/status/1554254701994156033?ref_src=twsrc%5Etfw">August 1, 2022</a></blockquote><script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
</div></figure>



Young prescribed other blockchain platforms end-to-end tests and repeated code audits to help mitigate risk of this happening elsewhere.



Blockchain security firm PeckShield <a href="https://twitter.com/PeckShieldAlert/status/1554350737957998592" target="_blank" rel="noreferrer noopener">reported</a> around 41 addresses had raided Nomad, a mixture of Wrapped Bitcoin and Wrapped Ether alongside stablecoins DAI and USDC.&nbsp;



Notably, the same address associated with the Rari Capital <a href="https://cms.blockworks.co/hacked-crypto-platform-offers-no-questions-asked-10m-bounty-for-stolen-funds/" target="_blank" rel="noreferrer noopener">hack</a> in late-April was said to have pilfered $3.4 million in cryptocurrency. Less than $12,000 remains in Nomad’s smart contracts, down from more than $190 million before the raid, per <a href="https://defillama.com/protocol/nomad" target="_blank" rel="noreferrer noopener">DeFi Llama</a>.&nbsp;



The Nomad incident is now the third-biggest hack of the year, behind Wormhole and Ronin. It’s unclear what’s next for the firm.&nbsp;



Both Wormhole and the Axie Infinite teams raised venture capital in a bid to make both their users and protocols whole following their respective hacks. The company told Blockworks that its goal is to identify the accounts involved and ultimately trace and recover crypto.



Nomad also said that &#8220;many white hat [hacker] friends&#8221; had reacted quickly to withdraw and safeguard some of the funds, and directed its community to follow its Twitter account for instructions on how to return the stolen money.



<figure class="wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter"><div class="wp-block-embed__wrapper">
<blockquote class="twitter-tweet" data-width="550" data-dnt="true">Nomad Bridge Funds Recovery Process Dear white hat hackers and ethical researcher friends who have been safeguarding ETH/ERC-20 tokens, Please send the funds to the following wallet address on Ethereum: 0x94A84433101A10aEda762968f6995c574D1bF154 <a href="https://t.co/UF623JSZ8u">pic.twitter.com/UF623JSZ8u</a>&mdash; Nomad (⤭⛓🏛) (@nomadxyz_) <a href="https://twitter.com/nomadxyz_/status/1554679735006859264?ref_src=twsrc%5Etfw">August 3, 2022</a></blockquote><script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
</div></figure>



This article was updated at 4:09 am ET, August 3, to include Nomad&#8217;s statement.



<hr class="wp-block-separator">
Get the day’s top crypto news and insights delivered to your email every evening.&nbsp;<a href="https://cms.blockworks.co/newsletter/?source=end" target="_blank" rel="noreferrer noopener">Subscribe to Blockworks’ free newsletter</a>&nbsp;now.
 
Want alpha sent directly to your inbox? Get degen trade ideas, governance updates, token performance, can’t-miss tweets and more from&nbsp;<a href="https://blockworks.co/newsletter/research" target="_blank" rel="noreferrer noopener">Blockworks Research&#8217;s Daily Debrief</a>.
 
Can&#8217;t wait? Get our news the fastest way possible.&nbsp;<a href="https://t.me/blockworks_news" target="_blank" rel="noreferrer noopener">Join us on Telegram</a> and follow us on <a href="https://news.google.com/publications/CAAqBwgKMPyTxgswn6_dAw" target="_blank" rel="noreferrer noopener">Google News</a>.
<hr class="wp-block-separator">

Nomad Token Bridge Raided for $190M in ‘Frenzied Free-For-All’

Jack Kubinec

<div id="highlights-block_62bc42c09b064" class="highlights">
 <ul>
 <li>Few DeFi companies employ dedicated security personnel</li>
 <li>Industry experts believe bridges will become more secure as DeFi matures</li>
 </ul>
 
</div>



As investment in cryptocurrency grows, so does the incentive for criminal actors to exploit the DeFi (decentralized finance) space. Cross-chain bridge hacks have been the weapon of choice for crypto thieves in 2022. Bridge hacks have accounted for more than a billion dollars in stolen funds this year, according to research from blockchain analytics and compliance firm Elliptic.



Cross-chain bridges allow assets to be moved between different blockchain protocols, meaning the networks contain a large concentration of crypto assets. The recent string of bridge attacks has caused some industry leaders to question whether the benefits of bridges outweigh their risks. A top analyst at Elliptic believes bridge hacks are just growing pains that DeFi will eventually surmount.



<a href="https://cms.blockworks.co/defi-cross-chain-horizon-bridge-hacked-for-100m/" target="_blank" rel="noreferrer noopener">Harmony</a>, <a href="https://cms.blockworks.co/sky-mavis-ronin-network-bridge-exploited-for-over-600m/" target="_blank" rel="noreferrer noopener">Sky Mavis</a>, and <a href="https://cms.blockworks.co/in-second-largest-defi-hack-ever-blockchain-bridge-loses-320m-ether/" target="_blank" rel="noreferrer noopener">Wormhole</a> all suffered blockchain exploits exceeding $100 million this year. Mudit Gupta, Chief Information Security Officer at Polygon, believes bridge insecurity is an industry-wide problem.



“Most of the hacks are happening due to companies not having proper security experts and not knowing what to do themselves,” Gupta said in a Twitter DM. “There are very few DeFi companies with [dedicated] security personnel.”



DeFi protocols have proliferated rapidly in the past six years, but security infrastructure has not kept up with the now over-$900 billion industry. For this reason, hacks totaling in the hundreds of millions are not surprising.&nbsp;



On April 1, a trader tweeted their concern that a major Harmony Horizon Bridge exploit would only require a hacker to obtain two of the protocol’s five validator keys. In June, that exact scenario occurred — and Harmony was ransacked for $100 million.



<figure class="wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter"><div class="wp-block-embed__wrapper">
<blockquote class="twitter-tweet" data-width="550" data-dnt="true">Since the current narative du-jour is bridges &amp; bridge hacks, I wanted to do some digging on the harmony bridge on Ethereum which secures ~$330m worth of tokens.&mdash; Ape Dev (@_apedev) <a href="https://twitter.com/_apedev/status/1510007663832223751?ref_src=twsrc%5Etfw">April 1, 2022</a></blockquote><script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script>
</div></figure>



Vitalik Buterin, co-founder of Ethereum, believes cross-chain bridges are inherently prone to security breaches.



“The fundamental security limits of bridges are actually a key reason why…I am pessimistic about cross-chain applications,” Buterin wrote in a lengthy January Reddit post. The influential founder went on to express his belief that assets should be held in the same blockchain ecosystem, rather than shuffled between chains.



Tara Annison, Head of Technical Crypto Advisory at the crypto research firm Elliptic, disagrees.



“We’re not going to live in a single chain world,” Annison said. It will always be necessary to move assets between blockchains, so “we shouldn’t characterize bridges in general as bad just because some have been hacked.”



Annison believes bridge hacks are caused by the concentration of value within cross-chain bridges, not by the bridges themselves.



<blockquote class="wp-block-quote">“If you think of wars, you try to bomb bridges to stop goods and services moving across,” Annison said. Recent cross-chain bridge hacks are not happening “because bridges are inherently weak infrastructure, it’s because they have a concentration of value.”</blockquote>



Annison believes that all crypto assets come with risk, and bridges are just the risk “flavor of the month” following stablecoins in May and NFTs before that. Bridges should become more secure as protocols become more technologically mature.



It remains to be seen if market participants agree.



Sky Mavis’ Ronin Bridge, which was compromised for $625 million in April, <a href="https://cms.blockworks.co/sky-mavis-reopening-ronin-bridge-with-enhanced-security/" target="_blank" rel="noreferrer noopener">reopened</a> this morning. Close to $9 million in assets have already left the chain, according to Messari.



<hr class="wp-block-separator">
Get the day’s top crypto news and insights delivered to your email every evening.&nbsp;<a href="https://cms.blockworks.co/newsletter/?source=end" target="_blank" rel="noreferrer noopener">Subscribe to Blockworks’ free newsletter</a>&nbsp;now.
 
Want alpha sent directly to your inbox? Get degen trade ideas, governance updates, token performance, can’t-miss tweets and more from&nbsp;<a href="https://blockworks.co/newsletter/research" target="_blank" rel="noreferrer noopener">Blockworks Research&#8217;s Daily Debrief</a>.
 
Can&#8217;t wait? Get our news the fastest way possible.&nbsp;<a href="https://t.me/blockworks_news" target="_blank" rel="noreferrer noopener">Join us on Telegram</a> and follow us on <a href="https://news.google.com/publications/CAAqBwgKMPyTxgswn6_dAw" target="_blank" rel="noreferrer noopener">Google News</a>.
<hr class="wp-block-separator">

Cross-chain Bridge Thefts Top $1B in 2022

Morgan Chittum

<div id="highlights-block_61ef2e85f59f9" class="highlights">
 <ul>
 <li>Coding bug enabled attackers to buy NFTs at previous sale prices and flip them for substantial profit</li>
 <li>At least three attackers exploited users, according to blockchain analytics firm Elliptic</li>
 </ul>
 
</div>



A bug in the OpenSea NFT marketplace has enabled hackers to snatch up rare NFTs from owners for far below market value and resell them for hefty profits.&nbsp;



At least three attackers exploited a bug on the marketplace, making away with over $1 million as of Monday, according to blockchain analytics firm Elliptic. One of the alleged opportunists bought a Mutant Ape Yacht Club NFT for $10,600 worth of ether, selling it hours later for $34,800 worth of ether.



“The <a href="https://twitter.com/yakirrotem/status/1485559864948629512" target="_blank" rel="noreferrer noopener">exploit</a> appears to originate from the ability to re-list an NFT at a new price, without canceling the previous listing,” Elliptic said in a <a href="https://www.elliptic.co/blog/bug-allows-nfts-worth-over-1-million-to-be-stolen" target="_blank" rel="noreferrer noopener">report.</a> “Those previous listings are now being used to purchase NFTs at prices specified at some point in the past — which is often well below current market prices.”



One attacker, who goes by “<a href="https://opensea.io/jpegdegenlove" target="_blank" rel="noreferrer noopener">jpegdegenlove</a>” online, paid roughly $133,000 for seven NFTs before quickly flipping them on the platform for $934,000 worth of ether.&nbsp;



Suspicious activity picked up over the past day but the bug has been present for weeks and was flagged in a Jan. 1 <a href="https://twitter.com/carsonturner/status/1477414895834513413?s=20" target="_blank" rel="noreferrer noopener">tweet</a>. The marketplace was exploited over eight times in a roughly eight-hour-span on Monday morning. A <a href="https://etherscan.io/address/0xb1a22cc48f6784f629a994917cd6474923630c48" target="_blank" rel="noreferrer noopener">wallet address</a> associated with multiple purchases has made a total profit of $878,288 worth of ether from the exploit, according to blockchain analytics provider <a href="https://pro.nansen.ai/nft-wallet-profiler?address=0xb1A22cc48f6784F629A994917cD6474923630C48" target="_blank" rel="noreferrer noopener">Nansen</a>.&nbsp;



<blockquote class="wp-block-quote">“The fact that a user could buy at previous prices and flip NFTs without any form of verification points to the centralization issue in NFTs as they stand right now,” Jenna Pilgrim, CEO of blockchain media licensing startup Streambed, told Blockworks. </blockquote>



“OpenSea does a great job at creating a solid user interface, but unfortunately does so at the cost of security,” she added.&nbsp;



In a turn of events, “jpegdegenlove” later compensated two of their victims, transferring them a combined total of $75,000 worth of ether, according to Elliptic.&nbsp;



Charles Guillemet, CTO of hardware wallet developer Ledger, said that it is currently not safe for NFT holders to have their assets listed on OpenSea. “It’s very difficult to use this platform securely right now,” he said on a Twitter space Monday. “The only thing we can do is to mitigate the risk.”



OpenSea has yet to publicly address the exploit and did not immediately respond to Blockworks’ request for comment on the matter.



<hr class="wp-block-separator">
Get the day’s top crypto news and insights delivered to your email every evening.&nbsp;<a href="https://cms.blockworks.co/newsletter/?source=end" target="_blank" rel="noreferrer noopener">Subscribe to Blockworks’ free newsletter</a>&nbsp;now.
 
Want alpha sent directly to your inbox? Get degen trade ideas, governance updates, token performance, can’t-miss tweets and more from&nbsp;<a href="https://blockworks.co/newsletter/research" target="_blank" rel="noreferrer noopener">Blockworks Research&#8217;s Daily Debrief</a>.
 
Can&#8217;t wait? Get our news the fastest way possible.&nbsp;<a href="https://t.me/blockworks_news" target="_blank" rel="noreferrer noopener">Join us on Telegram</a> and follow us on <a href="https://news.google.com/publications/CAAqBwgKMPyTxgswn6_dAw" target="_blank" rel="noreferrer noopener">Google News</a>.
<hr class="wp-block-separator">