BTC $51524.6928
ETH $3102.2833
BNB $384.2776
SOL $103.2311
XRP $0.5405
ADA $0.5849
AVAX $36.9511
TRX $0.1377
DOGE $0.0856
wstETH $3587.3896
LINK $18.6494
DOT $7.8438
WETH $3100.0078
UNI $11.0945
MATIC $0.9971
WBTC $51554.8458
IMX $3.3401
ICP $12.4013
LTC $70.0025
BCH $266.3236
CAKE $3.1426
FIL $8.1456
ETC $27.0947
RNDR $7.2587
DAI $1.0009
KAS $0.1676
HBAR $0.1071
ATOM $10.3461
INJ $35.4309
VET $0.0467
TON $2.0697
OKB $50.3127
FDUSD $0.9994
LDO $3.3633
GRT $0.3004
ARB $1.8920
XMR $128.8577
TIA $16.5811
XLM $0.1156
STX $2.5143
ENS $22.4126
NEAR $3.6605
APEX $2.4601
WEMIX $2.0774
MKR $2060.5410
BEAM $0.0332
MNT $0.8950
BTC $51524.6928
ETH $3102.2833
BNB $384.2776
SOL $103.2311
XRP $0.5405
ADA $0.5849
AVAX $36.9511
TRX $0.1377
DOGE $0.0856
wstETH $3587.3896
LINK $18.6494
DOT $7.8438
WETH $3100.0078
UNI $11.0945
MATIC $0.9971
WBTC $51554.8458
IMX $3.3401
ICP $12.4013
LTC $70.0025
BCH $266.3236
CAKE $3.1426
FIL $8.1456
ETC $27.0947
RNDR $7.2587
DAI $1.0009
KAS $0.1676
HBAR $0.1071
ATOM $10.3461
INJ $35.4309
VET $0.0467
TON $2.0697
OKB $50.3127
FDUSD $0.9994
LDO $3.3633
GRT $0.3004
ARB $1.8920
XMR $128.8577
TIA $16.5811
XLM $0.1156
STX $2.5143
ENS $22.4126
NEAR $3.6605
APEX $2.4601
WEMIX $2.0774
MKR $2060.5410
BEAM $0.0332
MNT $0.8950
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • A small bug in the SafeMoon DeFi platform code allowed cybercriminals to “pump out” almost $9 million worth of cryptocurrencies

    The interesting circumstances of the attack confuse even experts.

    The SafeMoon token liquidity pool lost $8.9 million after an unknown hacker took advantage of the newly added “burn” smart contract feature, which artificially inflated the price of the SFM cryptocurrency, allowing members to sell it at a much higher profit.

    Liquidity pools on DeFi platforms are large deposits of cryptocurrencies that facilitate trading, provide market liquidity, and generally allow exchanges to function without borrowing currency from third parties.

    Yesterday, SafeMoon confirmed the incident on its Twitter and stated that it is currently working on a solution to the problem.

    SafeMoon CEO John Caroni said the attack occurred on Tuesday, March 28 and affected the SFM:BNB liquidity pool, but not the platform's entire exchange. “We discovered the alleged exploit, fixed the vulnerability, and engaged a network forensics consultant to determine the exact nature and extent of the exploit. Users need to be sure that their tokens remain safe. I want to assure you that other DEX pools were not affected,” SafeMoon’s director said in a statement.

    Blockchain security experts PeckShield have shared more details about the vulnerability used by the hacker to rob SafeMoon. According to PeckShield, a recent update to the SafeMoon platform introduced a new smart contract feature called "burn" that allows you to "burn" tokens. In itself, “burning tokens” is a completely normal and legitimate process on crypto platforms. But in the case of SafeMoon, the feature was erroneously set to be public with no restrictions, allowing anyone on the platform to take advantage of it.

    SafeMoon's director has previously said "burning" will only be used in emergencies. For example, when the liquidity pool faces risks due to malicious smart contracts, excessive slippage and other issues. But since the attacker took advantage of it, he decided in his own interests to burn more SafeMoon tokens at once, as a result of which the price of the token rose sharply.

    As soon as the price rose, SafeMoon's cryptocurrency was sold from another address at a manipulated price, allowing nearly $9M to be siphoned out of SafeMoon:WBNB's liquidity pool.

    Funny enough, a few hours after the attack, the person who converted SafeMoon to BNB stated that he did not do it with malicious intent, but “accidentally got ahead of the curve” after the price was artificially high due to the use of the “burn” function. ". Allegedly, someone else burned the tokens, and this person just managed to make a profitable deal.

    “Hey, relax, we accidentally launched an attack against you and would like a refund. Let's set up a secure communication channel and talk, ”says a comment added to the transaction.

    At the time of writing, the cryptocurrency “thief” transferred about 4,000 Binance coins (BNB) worth $1.2 million to another address, which corrected the SMF rate for the better. If this attack really was an accident or a simple “prank”, soon all the currency “pumped out” from the SafeMoon liquidity pool will be returned back, and the incident can be forgotten.

    Nevertheless, SafeMoon accurately drew an important conclusion from this situation and carefully checked if there are any other errors in the platform code that allow ordinary participants in the crypto exchange to gain access that they are not entitled to in principle. Probably, the owners of other DeFi platforms will soon carry out the same checks in order not to step on the same rake.

    Author DeepWeb
    Tether blocked the funds of a hacker who stole $25 million worth of cryptocurrency
    DeFi protocol SafeMoon made a peace deal with a hacker

    Comments 0

    Add comment