Hacker Steals $390K From Poolz Finance Just Days After $180M Euler Finance Exploit

Do repost and rate:

A hack has cost Poolz Finance around $390,000 on the Smart Chain and Polygon, PeckShield spotted on Wednesday.

The blockchain security company noted that the hack could have occurred due to an arithmetic overflow issue.

Poolz Finance Hack, What We Know

According to PeckShield, the initial analysis points towards an arithmetic overflow issue with Poolz Finance. In computer science, it is an of a larger operation yield against the relatively smaller storage system. Meanwhile, PeckShield identified a repeat pattern by the same sender on the Token Vesting contract.

The source in Solidity states,

“Arithmetic operations in Solidity wrap on overflow. This can easily result in bugs, because programmers usually assume that an overflow raises an error, which is the standard behavior in high level programming languages.`SafeMath` restores this intuition by reverting the transaction when an operation overflows.”

Blockchain vigilante Bythos was the first to identify and tweet about the issue to PeckShield.

Poolz is a cross-chain decentralized platform. Its infrastructure allows crypto projects with funding before they go public. However, its POOLZ token has taken a hit of over 95% in the past day alone.

POOLZ’s current price of $0.19 is more than 99% lower than its all-time high. Nearly two years back, in April 2021, POOLZ hit a peak price of $50.89.

Euler Finance Hack Preceded the Incident

On March 13, the decentralized finance () protocol Euler Finance underwent an exploit. BeInCrypto reported on the day that hackers stole over $195 million from the platform in a flash loan attack.

Following this, Euler sent an on-chain message to the hacker. They said, “If 90% of the funds are not returned within 24 hours, tomorrow we will launch a $1M reward for information that leads to your arrest and return of all funds.”

The hackers have reportedly moved the money from the protocol to two new accounts. The wallets were heavily loaded with stablecoins and Ethereum

DeFi Protocols Still Have a Target on Their Backs

In February, Platypus lost over $8.5 million in a flash loan attack. According to a report by Chainalysis, 2022 lost $3.8 billion worth of cryptocurrency, making it the biggest year for hacking. The bulk of this money came from protocols.

According to David Schwed, Chief Operating Officer of blockchain security firm Halborn, these are based on a web2 attack pattern. In a conversation with Chainalysis, he said, “A lot of the hacks that we’re seeing aren’t necessarily web3-focused, key exfiltration attacks. They’re traditional web2 attacks that have web3 implications.”

Regulation and Society adoption

Events&meetings

Ждем новостей

Нет новых страниц

Следующая новость