Image default

DeFi – Cronos (CRO): Theft worth $2 million for the Mm.Finance (MMF) project

fri 06 May 2022 ▪ 16:30 ▪

min reading – per

It was reported that MESSRS. Finance suffered a loss to the tune of $2 million as a result of a cyber attack. Fortunately, the promoters of this decentralized exchange project on Cronos were able to quickly track down the hacker. If the stolen assets are not returned within 48 hours, MESSRS. Finance will contact the FBI.


MESSRS.Finance, hacked to the tune of $2 million

Last Wednesday, Cronos’ decentralized exchange project, Mad Meerkat Finance, was the subject of a cyberattack. Which, once again, lengthens the list of DeFi projects victim of a cybercriminal attack.

$ 2 million is the sum that disappeared from the coffers of Mm.Finance after the attacker’s intrusion into this ecosystem of DeFi applications. In announcing the bad news last Thursday, officials described the modus operandi hacker. Basically, he entered via the front-end from MESSRS. Finance before starting to empty the tills to send them to his address.

« We have checked and there is a breach in the front-end. Please do not make any transactions or your funds will be sent to the wallet hacker ”, says MESSRS. Finance.

First, the hacker took advantage of a DNS vulnerability in order to modify the address of the router contract in the files hosted by Mad Meerkat Finance. Then he injected a malicious contract address into the front-end from the latter’s website. This certainly facilitated the diversion of funds to the hacker’s wallet at the end of a swap or an addition/withdrawal of cash on Mm.Finance.

The data on the channel were able to highlight the disappearance of about $ 2 million in cryptocurrency just before the detection and stopping of the bleeding.

Alerted, the perpetrator of the theft quickly proceeded to transfer these funds to Ethereum by relying on Tornado Cash. To say that this multi-chain routing protocol has been used a lot by hackers these days. Even Lazarus Group, the group of hackers that the FBI is trying to dismantle as soon as possible, is using it to launder their stolen pacts.

The Ali Baba of Cronos traced (and unmasked?)

According to MESSRS. Finance, the traces of the cybercriminal have been traced back. The project managers have, in fact, said that he is one of the members of the centralized stock exchange (CEX) OKX. Fortunately, this platform requires its users to comply with the KYC procedure (“ Know Your Customer “) at each integration attempt.

As a reminder, KYC, meaning “Know your customer” in French, is presented as a process that requires financial institutions (cryptocurrency exchanges included) to collect data about their customers during registration. Name, identity documents, etc. are to be provided on occasion.

So, if the attacker did not bother to register under a false identity on OKX, in a short time, his identity will be revealed.

Hence the message sent to him :

« We have traced your funding back to the OKX Exchange. With all this information, we have more than we need to bring this information to the @FBI. If you refuse, we will only sleep less and escalate this matter, a cost to which we are already very used at Mm. It’s up to you to play! »

Wanting to be more cooperative, Jay Hao, CEO of OKX, reassured the leaders of Mr.Finance that he and his team were investigating the incident.

$8 million, a drop in the ocean Mm.Finance

It should be noted that the loss of this sum would not seriously affect Messrs.Finance. Indeed, DeFi Llama’s data advance a significant amount of liquidity available to the project. Currently, MESSRS. Finance has a total blocked value (TVL) of approximately $802 million.

On the side of the native token of the MMF project, no major damage has also been reported. Moreover, the losses suffered were quickly recovered after a small decline of 0.1%. It should also be noted that Mr.Finance has promised to reimburse all users who are victims of this malicious act.

Source : Crypto Briefing

Receive a digest of the news in the world of cryptocurrencies by subscribing to our new daily and weekly newsletter service so you don’t miss anything essential Cointribune!


The blockchain and crypto revolution is underway! And the day when the impacts will be felt on the most vulnerable economy in this world, against all hope, I will say that I had something to do with it

Related posts

Crypto: Nitrokod, this malware disguised as Google Translate

Ronald Chasteen

Hacker steals $1.2 million by attacking Reverse Finance

Ronald Chasteen

Why are hackers interested in blockchain bridges?

Ronald Chasteen