In Brief:
- DeFi protocol, Grim Finance has confirmed the hack and lost $30 million in cryptocurrencies
- Exploiter has used five reentrancy loops to fake deposits into a vault
- Grime Finance has paused all of its wallets to avoid the risk
One of the DeFi protocols, Grim Finance reported a major exploit attack on its platform, inwhich attackers have perpetrated more than $30 million theft in cryptocurrency.
Grim Finance has revealed in the tweet that the “External attacker” has successfully executed an “advance attack”. Hacker has used a function to enter into the vault contract, which has created five reentrancy loops. These loops helped hackers to create a fake deposit and enter into accounts.
Moreover, Company has also taken steps to prevent a similar attack on other platforms involved in cryptocurrencies such as Circle, DAI, and the cross-chain protocol AnySwap.
Grim paused all vaults after the attack to minimize the risk for future funds: “We have paused all of the vaults to prevent any future funds from being placed at risk, please withdraw all of your funds immediately.”
Grim Finance considers it as a “compounding yield optimizer”, which allows users to stake their tokens through vault strategies.
As per the source, the exploiter is still making transactions, and one of the addresses linked in the attack is holding up $1.2 million in Bitcoin (BTC), $1.7 million in SpookyToken (BOO) alongside $13,700 in FTM tokens.
Many crypto intellectuals have criticized Grim Finance for this attack as the platform failed to build an efficient security ecosystem.
While new innovations are taking place on blockchain technology, many crypto firms and protocols are suffering cyber-attacks. Recently, another DeFi protocol Badger DAO reported a front hand attack and lost over $120 million in Bitcoin and Ethereum.
