The DeFi exploit, the GameFi Rug Pull & the exchange that closed itself is a tripple whammy that happened in less than 24 hours in which a DeFi platform was hacked, creators of a play-to-earn (P2E) GameFi project allegedly rug-pulled their investors, and a Solana (SOL)-powered exchange accidentally shut itself down, all of which remind us of the perils in the crypto world.
The Defi Exploit – An Expensive Hack
DeFi lending technology Cream Finance was attacked by hackers on Tuesday, according to blockchain security firm PeckShield, due to a “bug caused by [the] AMP” currency.
“The hacker makes a flash loan of [ETH 500 (USD 79,000)] and deposits the funds as collateral. Then the hacker borrows [$AMP 19m] and makes use of the reentrancy bug to re-borrow [ETH 355] inside $AMP token transfer. Then the hacker self-liquidates the borrow,” PeckShield added.
According to the security firm, the hacker repeated this technique 17 times in order to acquire ETH 5,980. (USD 9.5m).
4/4 The hacker repeats the above process in 17 different txs and gains in total 5.98K ETHs (with ~$18.8M). The funds are still parked in 0xCE1F….6EDE. We are actively monitoring this address for any movement.
— PeckShield Inc. (@peckshield) August 30, 2021
Cream Finance acknowledged the breach, adding that it was prevented by “pausing supply and borrowing on AMP.”
The GameFi Rugg Pull – Scared Investors
Meanwhile, HeroCat, a GameFi (P2E blockchain-powered games) initiative, looks to have fleeced its investors. According to CoinGecko statistics, the game’s token, HeroCat Token (HCT), has lost more than 99.9% in the last week.
According to PeckShield, HCT, which is built on the Binance Chain, “performed a significant sale and transferred” around USD 151,000 worth of the Binance USD (BUSD) stablecoin. HeroCat has yet to provide any information on the present situation.
The Exchange That Closed Itself – An Upgrade Gone Wrong
Furthermore, a Solana-based DeFi project was mistakenly closed owing to a development error. “Decentralized options exchange” OptiFi says the project was shut down yesterday during a normal upgrade.
The project’s official account on Twitter wrote:
“We accidentally closed the OptiFi mainnet program and it’s not recoverable.”
It further added that the mistake has resulted in the loss of $664,000 in funds. Most of the money was from team members.
OptiFi’s program has been closed by mistakes we made.
1. We accidentally closed the OptiFi mainnet program and it’s not recoverable
2. 661k USDC is locked in the PDAs, luckily 95% of the fund is from our team member
3. We will compensate for all users’ funds
— OptiFi (@OptifiLabs) August 29, 2022
The team stated in a post-mortem that they intended to upgrade the protocol on August 29 but stopped the operation since the deployment took longer than planned owing to network congestion. They then observed that a second “buffer” account had been formed, and that OptiFi had already sent SOL 17.2 (USD 558) tokens to it.
To retrieve such assets, the team sought to shut down the OptiFi initiative. The method succeeded, but instead of stopping it momentarily, the application was permanently shut off.
“We will return all users’ deposits and settle all user positions manually according to PythNetwor oracle at 8 AM UTC on Sep 2nd,” the team said.
Read the latest crypto news.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]