How did he transform 0.001 ETH into 86.68 ETH? (+81,000%)


How to transform 0.001 ETH into more than $110,000?

 

As the crypto media outlet Rekt explains, a hacker discovered and exploited a security flaw in a low-liquidity pool on SushiSwap.

More specifically, this is the pool for the DIGG token of the Badger DAO project. The hacker managed to appropriate all the transaction fees generated by the pool for 24 hours.

These are fees that all the liquidity providers in the pool would normally have shared among themselves.

Using only 0.001 ether (~$1.30 at the time), the hacker managed to divert 81.68 ether to his account, a haul of just over $112,600 at the current rate!

As the transaction in question shows, the individual converted his small initial ether stake into DIGG tokens, then into Wrapped BTC (WBTC, the tokenized version of BTC on Ethereum), before collecting his loot in Wrapped ETH.

Are SushiSwap's billions of dollars in liquidity well secured?

Rekt explains that this is an old flaw, for which a patch had already been developed.

The problem is that this patch has to be applied manually to each new pool, and evidently the DIGG/WBTC pool in question did not receive it in time.

But the situation could have been much more dramatic, according to Rekt:

After further research, we discovered that although this flaw was exploited, the damage was contained, and what had been perceived as a threat to the entire SushiSwap protocol was simply the work of a clever scavenger who picked up crumbs that were still available.

The conversation the Rekt team had with SushiSwap on Discord was not reassuring. SushiSwap says it does not automate the application of the patch, so the risk of forgetting a pool is very real.

However, the incident should have served as a warning, as Rekt explains:

This story reminds us that the protocols are constantly monitored by hackers (...), who follow their every move and try to pick their pockets (...).

Unfortunately, there is very little chance that this exploit will be the last. Let's hope that such incidents remain contained, and that the increasingly large sums invested in these decentralised protocols will not be catastrophically affected.

Thank you all for your support and feedback!

 

Sources:

1. Rekt
