Starting from March 1st and until the half of the month, De.Fi Rekt Database has covered 13 Rekt cases with a total amount loss of more than $20 million. The security breaches were mainly around lending protocols, while rug pulls and scams had the root of fraud presales.
Let’s take a quick look at all of them and make a small recap of what has happened.
The attacker’s address:
https://blockscout.com/xdai/mainnet/address/0xD041Ad9aaE5Cf96b21c3ffcB303a0Cb80779E358/transactions
Using flash loans as collateral, the attacker(s) layered multiple borrow functions within one another, increasing the amount borrowed before the protocol could update the debt balance. Repeating this approach resulted in borrowing assets that were significantly more valuable than the collateral provided.
Stolen funds were bridged to Ethereum and deposited into Tornado Cash mixer:
https://etherscan.io/txs?a=0xd041ad9aae5cf96b21c3ffcb303a0cb80779e358
This is the second case when Hundred Finance became a victim
More details on Rekt Database =>
The attacker’s address is the same that attacked Hundred Finance:
https://blockscout.com/xdai/mainnet/address/0xD041Ad9aaE5Cf96b21c3ffcB303a0Cb80779E358/transactions
The attacks were made possible due to the xDAI token’s architecture, which includes the function callAfterTransfer(), which creates a reentrancy vulnerability. The same vector was used to attack Agave.
More details on Rekt Database =>
The attacker’s address:
https://ftmscan.com/address/0x1ed5112b32486840071b7cdd2584ded2c66198dd
The transaction behind the attack:
https://ftmscan.com/tx/0xe374495036fac18aa5b1a497a17e70f256c4d3d416dd1408c026f3f5c70a3a9c
The hack is made possible due to the flash loan-assisted manipulation of the price oracle that takes the price from the pair of StableV1 AMM — USDC/DEI. The attacker’s steps:
More details on Rekt Database =>
The exploiter’s address:
https://ftmscan.com/address/0x47091e015b294b935babda2d28ad44e3ab07ae8d
The exploiter’s steps:
That contract exploited the error in Fantasm’s Pool contract where the developer missed the condition checking for the minimum amount of input FTM when minting XFTM.
More details on Rekt Database =>
The exploiter:
https://bscscan.com/address/0x94bc1d555e63eea23fe7fdbf937ef3f9ac5fcf8f
The example transaction behind the exploit:
https://bscscan.com/tx/0x70f367b9420ac2654a5223cc311c7f9c361736a39fd4e7dff9ed1b85bab7ad54
The hack is made possible due to a reentrancy bug (introduced by the use of a crafted token contract) in the depositByAddLiquidity() function, which somehow doubles the credits the hacker is able to claim. The result gains were swapped via PancakeSwap.
More details on Rekt Database =>
The exploiter’s address:
https://etherscan.io/address/0x7c42f2a7d9ad01294ecef9be1e38272c84607593
The transaction behind the exploit:
https://etherscan.io/tx/0x7d2296bcb936aa5e2397ddf8ccba59f54a178c3901666b49291d880369dbcf31
The hack is made possible due to a reentrancy bug in the lend() routine so that the exploiter can get more lending credits via re-entering the lend() routine.
The contract exploit led to sending 957,166 USDC out of the protocol. A second exploit was prevented by a white hat group who returned the 34,232 USDC they received. These changes caused the price of bHOME to temporarily unpeg and decrease to $0.86.
As of March 6th, the BaconCoin team has deposited 991,441 USDC into the BaconCoin multi-sig that will be used to recapitalize the protocol:
https://etherscan.io/tx/0xf13823eccb9debdfc41cbd4a36430fa727271e74fca27caadadb967fd5bdcdc7
https://etherscan.io/tx/0x23ccdd965c1c376d229c121cc1ffe113a6dac1ecc6a6b16ae4af92d8428dc668
The project was holding an NFT minting event.
The contract deployer withdrew all deposited ETH after the NFT mint:
https://etherscan.io/tx/0x5b75f9bdc8a480c35976b1098dd9afddd51bc061a1b3c7f5ea0b257c6adfad79
https://etherscan.io/tx/0x7cdb35a1bf723c6bb395b5bffd27a60fa965b3ada33a3d3ed7a76ec755440414
More details on Rekt Database =>
The project was holding an NFT presale event.
The contract deployer withdrew all deposited ETH at:
https://etherscan.io/address/0x5cad06e17452179abe3ee7f99ce649d16d059616#internaltx
More details on Rekt Database =>
Here begins a series of scams that carried out sales on the PinkSale platform:
https://www.pinksale.finance/#/launchpad/0x5a626dD78FFba94237B00Fd354Ff328EB1c9aD82?chain=BSC
All gathered funds 417.31 BNB were withdrawn by the contract deployer:
https://bscscan.com/address/0xad8970026ea0f76ffdf758c61c5af6d383341392#internaltx
More details on Rekt Database =>
The project token identifies as honeypot:
https://honeypot.is/?address=0xB463D04DA3CCb35093CCe292212638a16A1Cd934
The contract deployer enabled the blacklist for users that prevents selling the token:
https://bscscan.com/tx/0x46b8d20fe5bb08dc29bd9472330c00c744eb3f222a0e11b7a73cf0644b1e30d6
Tokens were sold by the contract deployer in multiple transactions:
https://bscscan.com/address/0x1dc2607e547e99d4de192c589a178c0c353f6b89#tokentxns
More details on Rekt Database =>
The project was holding presale on the PinkSale platform:
https://www.pinksale.finance/#/launchpad/0xC2A65ef69Ae72BD2c66A4158516A61E3f1EF3cfd?chain=BSC
The contract deployer withdrew liquidity from the sale contract:
https://bscscan.com/tx/0xbe7eb82b44b5356d094fea2764f976cd550a6e72e1c14818b25d248a30c7e3d4
More details on Rekt Database =>
The project was holding a presale on PinkSale:
https://www.pinksale.finance/#/launchpad/0x1b3206aF7834c7A4cB1301CAC1CEB2834543992f?chain=BSC
The contract deployer withdrew liquidity at:
https://bscscan.com/tx/0x0ccef5b68196bfb74f73363a1a91c3bb720ad1278bcbe431ac115a536f3fc140
Stolen funds were transferred out to the external address and deposited into Tornado Cash mixer:
https://bscscan.com/tx/0xef589ed5aef92e4e20c22be683d1e07d6badf9048517c583207144fa11f45d8d
More details on Rekt Database =>
The exploiter’s address:
https://arbiscan.io/address/0x9b1acd4336ebf7656f49224d14a892566fd48e68
The example of the transaction:
https://arbiscan.io/tx/0x37222d3ad371dff2d3f3ae1c788d1cc4ad69e9f1839776830726485119a89269
The protocol was exploited in several transactions, leading to more than 100 NFTs being stolen from different collections of Treasure Marketplace.
The exploiter’s steps:
The hack is made possible due to a bug in distinguishing ERC721 and ERC1155 in buyItem(), which miscalculates the price of ERC721 as ERC1155 with the given 0 quantity.
As always, stay safe and DYOR!
For more De.Fi updates you can visit us at:
🌐 Website | 📱 Telegram | 🐦Twitter
Tezos Ultimate Yield Farming Guide [Infographics]
Solana Network Ultimate Yield Farming Guide [Infographics]
Fantom Network Ultimate Yield Farming Guide [Infographics]
Huobi ECO Chain Ultimate Guide for Yield Farming
Polygon Network Ultimate Guide for Yield Farming
Binance Chain Ultimate Guide for Yield Farming
EOS Ultimate Yield Farming Guide
Arbitrum Ultimate Guide [Infographics]
The Ultimate Yield Farming Guide For Terra Blockchain (Luna) [Infographics]
The Ultimate Guide to Avalanche Network
Ultimate Guide to Yield Farming on Harmony (with infographics)
Ultimate Guide to Tron Network [Infographics]
The Ultimate Yield Farming Guide For Moonriver Network
The Ultimate Yield Farming Guide For Celo
The Ultimate Yield Farming Guide For KuCoin Community Chain
The Ultimate Yield Farming Guide For NEAR Protocol
The Ultimate Yield Farming Guide For Algorand
The Ultimate Guide For Elrond
The Ultimate Guide For Polkadot
The Ultimate Yield Farming Guide For Cosmos
And join us on twitter and telegram!
Good luck in farming!
March 18 • 8 minutes
As an investor in DeFi, keeping track of digital assets across various platforms and blockchains can be a daunting task.
April 5 • 8 minutes
As the crypto bull market heats up, more investors seek to navigate the burgeoning world of decentralized finance (DeFi).
March 8 • 20 minutes
When engaging with decentralized finance (DeFi), investors often face the challenge of managing investments, tracking yields, and ensuring they keep all their assets safe.
February 15 • 15 minutes
January 2024 was an incredibly important month for us. We achieved significant results and made remarkable progress.
February 6 • 4 minutes
With new crypto ecosystems popping up on a regular basis, the integration of different blockchain networks with popular wallets is a key narrative moving into the next crypto cycle.
January 26 • 6 minutes
This month, we are proud to announce that De.Fi has secured investments from the first BTC ETF provider. We're seeing a huge spike in mentions and social interest in De.Fi and $DEFI token right before the listing.
January 18 • 6 minutes
© De.Fi. All rights reserved.
