In Brief:
- MonoX Finance’s smart contracts were hacked.
- The hack resulted in the loss of $31 million in assets.
- The flaws in MonoX’s smart contracts were not discovered despite two audits.
MonoX Finance, a single token liquidity platform, has been hacked, resulting in the theft of $31 million in tokens across Ethereum and Polygon.
The DeFi protocol’s developers tweeted late on November 30 that their smart contracts had been misused, although there are few details at this time.
Wrapped ether (WETH) was worth $18.2 million, and polygon was at $10.5 million (MATIC). WBTC, LINK, GHST, DUCK, MIM, and IMX were among the other tokens seized.
Peckshield and Halborn, two smart contract auditors, had previously audited MonoX. Neither audit, however, was able to pinpoint the exploit exploited by the hacker to drain the protocol’s smart contracts.
The MonoX team also issued a statement verifying the exploit’s details, saying: “A method in the swap contract was exploited and boosted MONO token price to sky high. The attacker then used MONO token to purchase all the other assets in the pool.”
The hacker was able to modify MonoX’s smart contracts to artificially raise the price of the protocol’s MONO token, according to BlockSec. The hacker utilised MONO to swap out all other assets in MonoX’s liquidity pools once the price of the token had climbed sufficiently.
Users and investors in the decentralised finance (DeFi) platform have lost $12 billion, according to a report released by Elliptic. The term “DeCrime” was coined by Elliptic to describe decentralised financial crime on decentralised platforms like DApps.
MonoX becomes the most recent in a long line of DeFi protocols hacked this year. The majority were on the Binance Smart Chain network like the largest PolyNetwork hack of $612 million, but others, such as Polygon and Avalanche, had their protocols compromised as well.
