Two popular altcoins operating in the decentralized finance (DeFi) field have recently come to the fore with a hack attack. Currently, the amount of stolen coins has also been revealed. Here are the details…
Attacker sold stablecoins and bought altcoins
cryptocoin.com As we reported, Pechshield stated in a tweet that decentralized finance (DeFi) protocols Aave and Yearn Finance are suffering from an ongoing flash loan attack. According to Lookonchain, more than $3 million in DAI, $2.5 million in USD Coin (USDC), $1.7 million in BinanceUSD (BUSD), $1.19 million in Tether (USDT), and $1.5 million in True USD (TUSD) from offensive protocols. It has withdrawn more than $10 million in stablecoins.
On the other hand, Beosin Alert stated that the total loss from the Yearn Finance hack was approximately $11,539,783. The blockchain security platform also reported the wallets with the most stolen funds from Yearn Finance. It also confirmed that 996k USDC, 570k DAI and 241k USDT were withdrawn from Aave Lending Pool Core V1. According to Beosin, hackers seized approximately $11.6 million worth of stablecoins, including 61,000 USDP, 1.5 million TUSD, 1.8 million BUSD, 1.2 million USDT, 2.58 million USDC and 3 million DAI.
The hackers transferred 1.5 million TUSD to AAVE and borrowed 634 ETH from AAVE. Later, some stablecoins were sold for 600 ETH. 1,000 ETH has already been transferred to Tornado Cash. Currently, there was $5.77 million worth of assets in one of the attacker’s wallets. These assets include around $2.4 million worth of Ethereum (ETH), $1.7 million worth of BUSD, and $1.5 million worth of TUSD, according to Etherscan data. The hacker redirects the stolen funds through multiple wallets.
What negligence caused the attack?
The Aave team confirmed that the Aave V1 protocol was used but not affected by the attack. Aave CEO Stani Kulechov posted a message on Twitter to confirm this. In a tweet, Aave stated that V1, V2 and V3 were not affected by the attack. According to Peckshield, the root cause of the attack on Yearn Finance was the misconfiguration of yUSDT, the liquidity token pegged to the USDT deposited. This allowed the attacker to print large amounts of yUSDT using only 10,000 USDT. Pechshield said the exploiter then exchanged yUSDT tokens for other stablecoins.
The attack on Aave and Yearn comes in the wake of the SushiSwap exploit that resulted in over $3 million in asset loss last week. Crypto researcher Samczsun claimed that Yearn Finance’s version of USDT, called yUSDT, has been corrupt since it was deployed nearly three years ago. It said it was “misconfigured to use the Fulcrum iUSDC token instead of the Fulcrum iUSDT token.”
Contact us to be instantly informed about the last minute developments. twitter‘in, Facebookin and InstagramFollow and Telegram And YouTube join our channel!
Risk Disclosure: The articles and articles on Kriptokoin.com do not constitute investment advice. Bitcoin and cryptocurrencies are high-risk assets, and you should do your due diligence and do your own research before investing in these currencies. You can lose some or all of your money by investing in Bitcoin and cryptocurrencies. Remember that your transfers and transactions are at your own risk and any losses that may occur are your responsibility. Cryptokoin.com does not recommend buying or selling any cryptocurrencies or digital assets, nor is Kriptokoin.com an investment advisor. For this reason, Kriptokoin.com and the authors of the articles on the site cannot be held responsible for your investment decisions. Readers should do their own research before taking any action regarding the company, assets or services in this article.
Disclaimer: Advertisements on Kriptokoin.com are carried out through third-party advertising channels. In addition, Kriptokoin.com also includes sponsored articles and press releases on its site. For this reason, advertising links directed from Kriptokoin.com are on the site completely independent of Kriptokoin.com’s approval, and visits and pop-ups directed by advertising links are the responsibility of the user. The advertisements on Kriptokoin.com and the pages directed by the links in the sponsored articles do not bind Kriptokoin.com in any way.
Warning: Citing the news content of Kriptokoin.com and quoting by giving a link is subject to the permission of Kriptokoin.com. No content on the site can be copied, reproduced or published on any platform without permission. Legal action will be taken against those who use the code, design, text, graphics and all other content of Kriptokoin.com in violation of intellectual property law and relevant legislation.