In a security breach that shook the decentralized finance (DeFi) space, Sturdy Finance, a prominent lending platform, fell victim to an attack resulting in the loss of approximately 442 Ether (ETH), valued at nearly $800,000.
The attacker exploited a vulnerability to manipulate a faulty price oracle, which enabled them to drain funds from the protocol.
The incident came to light when blockchain security firm PeckShield notified Sturdy Finance of a suspicious transaction involving potential price manipulation. Sturdy Finance promptly paused all its markets to mitigate further risk and to reassure its community that no additional funds were compromised.
BlockSec experts found that the attackers used a reentrancy attack, a well-known technique for draining funds from DeFi protocols. The technique exploits the ability to call a function repeatedly within a single transaction, which let the attackers withdraw far more funds than the normal limits allow.
Simultaneously, an unrelated series of events unfolded as scammers gained control over eight Twitter accounts belonging to prominent figures in the crypto community.
These scammers utilized the compromised accounts, including those of DJ Steve Aoki, Pudgy Penguins founder Cole Villemain, and even crypto critic Peter Schiff, to promote crypto-related scams. Reports from blockchain detective ZachXBT estimate that the scammers managed to pilfer almost $1 million in cryptocurrency.
In addition, the U.S. Department of Justice has filed charges against two individuals allegedly involved in the infamous Mt. Gox hack. Alexey Bilyuchenko, 43, and Aleksandr Verner, 29, are accused of stealing and laundering 647,000 Bitcoin.
These incidents emphasize the need for constant vigilance and strong security measures by platform developers, regulators, and users in the DeFi space to protect the integrity of the crypto ecosystem.