BTC $65266.0064
ETH $3170.2759
BNB $579.9567
SOL $151.5810
stETH $3170.3792
XRP $0.5307
DOGE $0.1622
TON $6.2152
ADA $0.5047
AVAX $37.5087
wstETH $3690.1011
WBTC $65350.8728
DOT $7.1858
WETH $3168.2550
TRX $0.1112
BCH $512.3933
LINK $14.9136
MATIC $0.7262
ICP $15.2978
UNI $7.8248
LTC $85.1449
DAI $1.0008
RNDR $9.1190
CAKE $2.9399
IMX $2.1935
STX $2.8650
ETC $27.9082
FDUSD $0.9998
MNT $1.2003
NEAR $6.3271
FIL $6.6129
OKB $55.7832
HBAR $0.0909
TAO $475.1056
VET $0.0423
WIF $3.0785
ATOM $8.6865
MKR $3070.6157
KAS $0.1185
FET $2.4759
GRT $0.2860
INJ $29.1371
PEPE $0.0000
USDE $0.9998
XLM $0.1150
THETA $2.2569
XMR $121.6010
BTC $65266.0064
ETH $3170.2759
BNB $579.9567
SOL $151.5810
stETH $3170.3792
XRP $0.5307
DOGE $0.1622
TON $6.2152
ADA $0.5047
AVAX $37.5087
wstETH $3690.1011
WBTC $65350.8728
DOT $7.1858
WETH $3168.2550
TRX $0.1112
BCH $512.3933
LINK $14.9136
MATIC $0.7262
ICP $15.2978
UNI $7.8248
LTC $85.1449
DAI $1.0008
RNDR $9.1190
CAKE $2.9399
IMX $2.1935
STX $2.8650
ETC $27.9082
FDUSD $0.9998
MNT $1.2003
NEAR $6.3271
FIL $6.6129
OKB $55.7832
HBAR $0.0909
TAO $475.1056
VET $0.0423
WIF $3.0785
ATOM $8.6865
MKR $3070.6157
KAS $0.1185
FET $2.4759
GRT $0.2860
INJ $29.1371
PEPE $0.0000
USDE $0.9998
XLM $0.1150
THETA $2.2569
XMR $121.6010
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • A small bug in the SafeMoon DeFi platform code allowed cybercriminals to “pump out” almost $9 million worth of cryptocurrencies

    The interesting circumstances of the attack confuse even experts.

    The SafeMoon token liquidity pool lost $8.9 million after an unknown hacker took advantage of the newly added “burn” smart contract feature, which artificially inflated the price of the SFM cryptocurrency, allowing members to sell it at a much higher profit.

    Liquidity pools on DeFi platforms are large deposits of cryptocurrencies that facilitate trading, provide market liquidity, and generally allow exchanges to function without borrowing currency from third parties.

    Yesterday, SafeMoon confirmed the incident on its Twitter and stated that it is currently working on a solution to the problem.

    SafeMoon CEO John Caroni said the attack occurred on Tuesday, March 28 and affected the SFM:BNB liquidity pool, but not the platform's entire exchange. “We discovered the alleged exploit, fixed the vulnerability, and engaged a network forensics consultant to determine the exact nature and extent of the exploit. Users need to be sure that their tokens remain safe. I want to assure you that other DEX pools were not affected,” SafeMoon’s director said in a statement.

    Blockchain security experts PeckShield have shared more details about the vulnerability used by the hacker to rob SafeMoon. According to PeckShield, a recent update to the SafeMoon platform introduced a new smart contract feature called "burn" that allows you to "burn" tokens. In itself, “burning tokens” is a completely normal and legitimate process on crypto platforms. But in the case of SafeMoon, the feature was erroneously set to be public with no restrictions, allowing anyone on the platform to take advantage of it.

    SafeMoon's director has previously said "burning" will only be used in emergencies. For example, when the liquidity pool faces risks due to malicious smart contracts, excessive slippage and other issues. But since the attacker took advantage of it, he decided in his own interests to burn more SafeMoon tokens at once, as a result of which the price of the token rose sharply.

    As soon as the price rose, SafeMoon's cryptocurrency was sold from another address at a manipulated price, allowing nearly $9M to be siphoned out of SafeMoon:WBNB's liquidity pool.

    Funny enough, a few hours after the attack, the person who converted SafeMoon to BNB stated that he did not do it with malicious intent, but “accidentally got ahead of the curve” after the price was artificially high due to the use of the “burn” function. ". Allegedly, someone else burned the tokens, and this person just managed to make a profitable deal.

    “Hey, relax, we accidentally launched an attack against you and would like a refund. Let's set up a secure communication channel and talk, ”says a comment added to the transaction.

    At the time of writing, the cryptocurrency “thief” transferred about 4,000 Binance coins (BNB) worth $1.2 million to another address, which corrected the SMF rate for the better. If this attack really was an accident or a simple “prank”, soon all the currency “pumped out” from the SafeMoon liquidity pool will be returned back, and the incident can be forgotten.

    Nevertheless, SafeMoon accurately drew an important conclusion from this situation and carefully checked if there are any other errors in the platform code that allow ordinary participants in the crypto exchange to gain access that they are not entitled to in principle. Probably, the owners of other DeFi platforms will soon carry out the same checks in order not to step on the same rake.

    Author DeepWeb
    Tether blocked the funds of a hacker who stole $25 million worth of cryptocurrency
    DeFi protocol SafeMoon made a peace deal with a hacker

    Comments 0

    Add comment