Decentralized finance platforms (DeFi) have become the preferred target of hackers. Recently, one of them managed to steal $1.2 million in a type attack ” flash loan “by taking on Inverse Finance. This incident occurred while the platform is still trying to recover from the hacker attack suffered in April that caused it to lose $ 15 million.
Reverse Finance victim of a rapid attack
A hacker whose identity is not yet known has carried out a type attack ” flash loan ” (flash loan) against Reverse Finance. The attack took place around 4:47 a.m., according to the data provided by the blockchain. These same data clearly indicate that the funds obtained as a result of this hacker attack were transferred to Tornado Cash which is a transaction mixer. Obviously, the purpose of the perpetrator of the attack was to confuse the tracks and make the stolen funds untraceable.
For now, it is difficult to know the motives of the hacker. Was it for the money? Was he collaborating with other people? The answers to these questions are not yet known. However, one thing is certain: Inverse Finance could have struggling to get up of this attack. According to PeckShied, the security company that was the first to report the malicious operation, the hacker would not have pocketed only $ 1.2 million. He would have had a lot more than we can believe.
The method of the “flash ready” attack
The “flash loan” type of attacks are actually loans that are taken out on a blockchain. When a user concludes a flash loan, he must return the amount he borrowed. If this transaction was initially interesting, given that it makes it possible to finance operations very quickly, it very quickly became a loophole that hackers take advantage of. They manipulate the price data DeFi platforms and carry out their attacks. “Hacking is made possible due to the manipulation of the price oracle […] It is greatly facilitated by the flash loan to skew the reserves in the pool”, PeckShield said.
In any case, for now, even if it is difficult to predict the future of Inverse Finance, it is a safe bet that the company will have to take new measures to avoid easily falling into the arms of hackers. In the meantime, she announced on Twitter that she temporarily suspends borrowing on the one hand and on the other hand that she continues the investigation to find the person behind the attack suffered.
Inverse Finance, a decentralized finance protocol (DeFi), was again the target of a hacker whose attack was a success. He pocketed (more than) $ 1.5 million by taking care to muddy the waters to prevent any attempt to find him from succeeding.
Source : The Block
Receive a digest of the news in the world of cryptocurrencies by subscribing to our new daily and weekly newsletter service so you don’t miss anything essential Cointribune!
Behind the generic signature “Editorial CT” are young journalists and authors with special profiles who wish to remain anonymous because they are involved in the ecosystem with certain obligations.