ThorChain, one of the most prominent cross-chain DEXs, was hit by an attack that resulted in the theft of 4,000 Ether.
The team acted rapidly to identify the exploited problem and release a fix, which will be applied within 24 hours if the community approves.
Just weeks after a similar attack, one of the most prominent cross-chain decentralized exchanges (DEXs) was attacked, resulting in the theft of thousands of Ether. The exploit was publicized on Twitter by THORChain, who revealed that the attacker had used a bespoke wrapper contract to deceive the ETH Bitfrost. The project offered to reimburse the lost cash to ETH liquidity providers.
The attackers made off with 13,000 ETH, according to THORChain engineers. They later clarified this and stated that the damage was valued at 4,000 ETH. They then shut down the network to figure out how big the exploit was and how quickly they could repair it.
The assault was carried out via the ETH Bitfrost, which had just been “modified to allow the router to be “wrapped” by contracts (to allow composability),” according to the team’s initial evaluation.
“The attacker then deceived the Bifrost by transferring 0 ETH using a bespoke wrapper contract,” the developers explained.
The team responded by releasing a patch, restarting the network, blocking outstanding outbounds, and restoring solvency.
Also read: $50 million stolen from Uranium Finance, another BSC rug pull?
‘Return the money, and we’ll reimburse you.’
The THORChain team assured the community on Telegram that the project’s war chest had enough funds to reimburse anyone who had lost their funds. The attacker, on the other hand, was urged to return the monies stolen, and as a reward, he would be paid out as part of the bug bounty program.
While the Treasury has sufficient cash to cover the theft, we ask that the attacker contact the team to discuss the restoration of funds and a bounty commensurate with the discovery.
One of the most surprising parts of the attack was that nodes and liquidity providers in the network made millions. The THORChain team revealed the following:
The attacker paid large slip fees, with nodes capturing approximately $1.4 million and ERC20 LPs capturing another $1.4 million. Only ETH LPs are affected, and they will be compensated. Consequently, despite the exploit, Nodes, LPs, and Arbers will benefit significantly.
Following the exploit, THORChain’s RUNE token took a hit.
According to our statistics, it has dropped 18 percent in the last 24 hours, trading at $4.70 at press time, down from $5.83. The coin now has a market capitalization of $1.09 billion, making it the 65th most valuable cryptocurrency.
In April, THORChain announced the debut of Chaosnet, claiming to be the first platform to allow native crypto assets to be traded on a DEX across several blockchains without the use of bridging technology or wrapped tokens. It enables cross-chain swaps across the blockchains of Bitcoin, Ethereum, Bitcoin Cash, Binance Smart Chain, and Litecoin.
Erik Voorhes, the inventor of ShapeShift and a crypto legend at the time, hailed the debut as “one of the most important events in crypto this year.” “Tomorrow is the launch date for Thorchain. Decentralized native cross-chain exchange. Never before has anything like this been attempted. Possibly the most important event in crypto this week, even if it won’t be clear for another year or two ;), “He sent out a tweet.
THORCHAIN/n
