09 May 2022 18:40, UTC
Reading time: ~2 m
Fortress, the team behind the decentralized finance (DeFi) protocol, has confirmed that their product has been hacked by hackers. Cybercriminals stole $3 million, which is all the funds that were frozen in the smart contract.
According to the startup’s founders, the attackers successfully attacked the algorithmic marketplace and found a vulnerability in the lending protocol. They were able to detect the bug and perform oracle manipulation. The stolen cryptocurrency was redirected from Binance Smart Chain to Ethereum. The hackers then took advantage of Tornado Cash’s privacy protocol and muddled the transaction trail.
The team said it contacted blockchain security company CertiK. Local experts assured that the hacker used Ethereum cryptocurrency to buy a native FTS protocol control token. By performing a series of unsophisticated manipulations, the attacker was able to gain the power to accept any proposals to change the protocol. He immediately edited the collateral factor for FTS tokens in loan agreements and updated the pricing oracle.
Such manipulation gave him the ability to borrow a large number of tokens stored in smart contracts without spending a dime. He converted crypto-assets into ETH and over 400k DAI.
Representatives of the protocol assured that they will be doing their own investigation and will also entrust the matter to specialists from Certik. In addition, in the near future, the startup team will tell about their plans to compensate their own customers with money.
Earlier, the Crypto.ru editorial board reported that DeFiance Capital founder Arthur_0x was attacked by hackers. They managed to steal $1.6 million in cryptocurrencies from his hot wallet. The businessman himself said that he would not leave it unattended and promised that he would do everything to track down the criminals.
#Hackers #successfully #attacked #DeFi #protocol