Fake money fans are once again mourning the theft of worthless tokens. Finding security flaws in brittle DeFi “smart contracts” seems like shooting fish in a barrel.
The notional value of that stolen cryptocurrency is $3 billion this year so far. And the losses are accelerating: Since that number was calculated, we’ve learned of another huge DeFi hack, adding another million or so to the total.
And nothing of value was lost. In today’s SB Blogwatch, we point and laugh at naked emperors.
Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Tesla <3 Westinghouse.
In Fiat We Trust
What’s the craic? Molly White reports—“Earning.Farm exploited for $971,000”:
The DeFi project Earning.Farm lost 748 ETH (~$971,000) to a hacker using a flash loan attack. The project contract was missing a check that a flash loan was initiated by the protocol, so the attacker was able to instruct the project to withdraw large amounts of funds.
A “flash loan” attack? Vladislav Sopov explains—“Earning.farm Yield Platform Under Attack”:
“A month of unmatched attacks”
EFLeverVault, a key element of earning.farm DeFi’s design, was targeted by flash loan attacks. Due to an architecture flaw of its contract, attackers managed to withdraw all Ethers (ETH) stored in the contract that was designed to act as collateral.
…
October 2022 will be remembered as a month of unmatched attacks against the mainstream DeFi infrastructure. On Oct. 7, 2022, a bridge between two elements of BNB Chain was exploited for $566 million. … On Oct. 12, Solana-based liquidity protocol Mango was drained of $100 million as a malefactor managed to manipulate the price oracles.
Good grief. But DeFi hacking is definitely on a tear, as Taylor Locke notes—“2022 is on pace to become crypto’s ‘biggest year for hacking on record’”:
“Cross-chain bridges … have been repeatedly attacked”
A record month in a record year—and the month isn’t even…
