a decentralized lending protocol Sturdy Finance, 442 Ethereum suffered a security attack that caused a loss.
Hackers Stole 442 Ethereum From Sturdy Finance
The unknown attacker exploited a recentering vulnerability that facilitated the manipulation of an erroneous price indicator, thus allowing them to siphon funds.
In decentralized finance (DeFi) applications, price indicators are very important as they provide real-world price data. However, they also pose a potential target for hackers who could abuse them.
The attack on Sturdy Finance was initiated by a reentrancy attack, a method often used to illegally withdraw funds from DeFi protocols.
This type of attack takes advantage of the ability to repeatedly call a function within a single transaction before the original function call is complete. This allows the attacker to withdraw more funds than is legally entitled.
Sturdy Finance responded to the attack by suspending all its markets to prevent further potential losses, reassuring its users that no other funds were in danger as a result of the breach.
The team said, “All markets are paused; no additional funds are at risk and no user action is required at this time. We will share more information as soon as we get it,” he said.
On-chain data after the attack shows that the attacker used the Tornado Cash mixer to hide the activity.
In 2022, Sturdy Finance raised $3 million in a series of rounds to create an interest-free borrowing and lending platform. The fund was led by Pantera and also saw participation from Y Combinator, SoftBank’s Opportunity Fund, and KuCoin Ventures.
*Not investment advice.
For exclusive news, analytics and on-chain data Telegram our group, twitter our account and YouTube Follow our channel now! Moreover Android And iOS Start live price tracking right now by downloading our apps!