Thursday, October 5, 2023

Oracle Hack Uses Inverse Finance

Advertisement

Barely two months after squandering $15.6 million in a value Oracle tampering hack, Inverse Finance was hit with another flashloan breach. This time, it leads to the disappearance of $1.26 million in Tether as well as Wrapped Bitcoin.

Inverse Finance is a DeFi system that Ethereum develops. Thus, a flashloan is a sort of cryptocurrency credit that they often acquire and return in a single trade outside Price Data that Oracle provides.

The most recent vulnerability utilizes a flashloan to alter the pricing oracle for a Liquidity Provider token. This is what the system’s money market service uses. Moreover, it will let the perpetrator loan more of the protocol’s stablecoin DOLA than what they possess in collateral, allowing them to collect the excess.

Hackers Modify the Prices of Collateralized Tokens

The assault occurs just over two months after a comparable April 2 hack. This is when criminals intentionally manipulate collateralized coin values via price oracle in order. Their purpose is to drain cash by utilizing extortionate prices.

In reaction to the assault, Inverse Finance freezes borrowing and pulls out its DOLA stablecoin from the financial markets while examining the situation. They are claiming that no customer funds were in danger.

After an event this morning in which they remove DOLA from the money market, Frontier temporarily stops borrowing. They are looking into the situation, and no one was in danger. They eventually discover that the incident solely damages the attacker’s collateral.

Furthermore, as a result of the stolen DOLA, they are charging themselves. It urges the assailant to return the money in exchange for a generous reward. The attacker obtains 99,976 USDT and 53.2 WBTC from the hack. This is what they convert to ETH before passing it via the crypto aggregator Tornado Cash in an effort to disguise the ill-gotten profits.

The last incident in April culminates in the theft of $15.6 million in ETH, WBTC, YFI, as well as DOLA.

In March, the DeFi exchange Deus Finance becomes a victim of a similar hack. The hackers are altering a price matching within an oracle. This culminates in a profit of 200,000 Dai and 1101.8 ETH, worth more than $3 million in total.

How the Most Recent Assault Occur

In a flash loan assault, Beanstalk Farms, a lending stablecoin platform, lost all $182 million in collateral. This it is due to the two fraudulent governance proposals that eventually suck all money from the system.

The perpetrator acquires 27,000 WBTC in a flashloan, switching a minor amount to the LP coin that they use to deposit security in Inverse Finance for users could loan digital currencies.

They then convert the other WBTC to USDT.  This leads the assailant’s LP token’s price to skyrocket in the perspective of the pricing oracle.

Advertisement
Jacob Yang
Jacob Yanghttps://www.cryptoconstellation.com/
Jacob Yang works at Cryptoconstellation as a writer. He has been working in finance for the past 6 years. Jacob loves sharing news about the cryptocurrency world and he, himself has invested in a few. Jacob enjoys travelling and finding the best restaurants wherever he goes.
Advertisement

More from Crypto News Constellation

Advertisementspot_img
[tds_leads input_placeholder="Email address" btn_horiz_align="content-horiz-center" pp_checkbox="yes" pp_msg="SSd2ZSUyMHJlYWQlMjBhbmQlMjBhY2NlcHQlMjB0aGUlMjAlM0NhJTIwaHJlZiUzRCUyMiUyMyUyMiUzRVByaXZhY3klMjBQb2xpY3klM0MlMkZhJTNFLg==" msg_composer="success" display="column" gap="10" input_padd="eyJhbGwiOiIxNXB4IDEwcHgiLCJsYW5kc2NhcGUiOiIxMnB4IDhweCIsInBvcnRyYWl0IjoiMTBweCA2cHgifQ==" input_border="1" btn_text="I want in" btn_tdicon="tdc-font-tdmp tdc-font-tdmp-arrow-right" btn_icon_size="eyJhbGwiOiIxOSIsImxhbmRzY2FwZSI6IjE3IiwicG9ydHJhaXQiOiIxNSJ9" btn_icon_space="eyJhbGwiOiI1IiwicG9ydHJhaXQiOiIzIn0=" btn_radius="0" input_radius="0" f_msg_font_family="521" f_msg_font_size="eyJhbGwiOiIxMyIsInBvcnRyYWl0IjoiMTIifQ==" f_msg_font_weight="400" f_msg_font_line_height="1.4" f_input_font_family="521" f_input_font_size="eyJhbGwiOiIxMyIsImxhbmRzY2FwZSI6IjEzIiwicG9ydHJhaXQiOiIxMiJ9" f_input_font_line_height="1.2" f_btn_font_family="521" f_input_font_weight="500" f_btn_font_size="eyJhbGwiOiIxMyIsImxhbmRzY2FwZSI6IjEyIiwicG9ydHJhaXQiOiIxMSJ9" f_btn_font_line_height="1.2" f_btn_font_weight="600" f_pp_font_family="521" f_pp_font_size="eyJhbGwiOiIxMiIsImxhbmRzY2FwZSI6IjEyIiwicG9ydHJhaXQiOiIxMSJ9" f_pp_font_line_height="1.2" pp_check_color="#000000" pp_check_color_a="#fdbf46" pp_check_color_a_h="#000000" f_btn_font_transform="uppercase" tdc_css="eyJhbGwiOnsibWFyZ2luLWJvdHRvbSI6IjQwIiwiZGlzcGxheSI6IiJ9LCJsYW5kc2NhcGUiOnsibWFyZ2luLWJvdHRvbSI6IjMwIiwiZGlzcGxheSI6IiJ9LCJsYW5kc2NhcGVfbWF4X3dpZHRoIjoxMTQwLCJsYW5kc2NhcGVfbWluX3dpZHRoIjoxMDE5LCJwb3J0cmFpdCI6eyJtYXJnaW4tYm90dG9tIjoiMjUiLCJkaXNwbGF5IjoiIn0sInBvcnRyYWl0X21heF93aWR0aCI6MTAxOCwicG9ydHJhaXRfbWluX3dpZHRoIjo3Njh9" msg_succ_radius="0" btn_bg="#fdbf46" btn_bg_h="#dd9933" title_space="eyJwb3J0cmFpdCI6IjEyIiwibGFuZHNjYXBlIjoiMTQiLCJhbGwiOiIwIn0=" msg_space="eyJsYW5kc2NhcGUiOiIwIDAgMTJweCJ9" btn_padd="eyJsYW5kc2NhcGUiOiIxMiIsInBvcnRyYWl0IjoiMTBweCJ9" msg_padd="eyJwb3J0cmFpdCI6IjZweCAxMHB4In0=" msg_err_radius="0" f_btn_font_spacing="1" title_text="Stay Up to Date"]

LATEST CRYPTO NEWS

Related Crypto News

Celsius Gets Lawyer to Recoup $180M

Holders of accounts amount to 4% of the total funds held by the bankrupt crypto lender. Customers of the...

El Salvador’s Surprising Debt Buyback

On Tuesday, the president of El Salvador announced plans to extend a voluntary repurchase offer to bondholders whose...

Crypto Crisis Prompts Regulation

Bills and the human toll create a perfect storm. Cryptos thrived as old-system alternatives. The recent crypto crash has...

Chipotle Buys the Dip Game Mainstreams Crypto

Despite a drop in pricing this year, Bitcoin and other crypto assets continue to enter the mainstream. Some...