Hackers Get Away with Tens of Millions of Dollars Worth of Cryptocurrency

What Did the Hackers Do?

How exactly did this heist take place? After all, cryptocurrency blockchains are supposed to be some of the most secure online services in the world, so the fact that someone could not only figure out an exploit, but also escape with that much money, is noteworthy to say the least.

An internal accounting error within MonoX Finance let the culprit inflate the price of the MONO token and then use it to cash out $31 million worth of Ethereum and Polygon tokens. This was done by altering the sell price without changing the buy price, meaning that the transactions were weighed heavily in their favor.

This exploit was allowed to happen specifically due to a feature known as Smart Contracts, which are essentially automated scripts that are activated under certain conditions. However, since these scripts are automated, there is no human to look at each case and gauge whether it’s a good idea or not, meaning that they can be manipulated under the right circumstances.

“These kinds of attacks are common in smart contracts, because many developers do not put in the legwork to define security properties for their code… They had audits, but if the audits only state that a smart person looked at the code for a given period of time, then the results are of limited value. Smart contracts need testable evidence that they do what you intend and only what you intend. That means defined security properties and techniques employed to evaluate them,” said Dan Guido, expert in the securing of smart contracts.

While this attack is enormous, it’s not the first to occur under similar circumstances. Similar attacks have occurred to other financial firms that deal in cryptocurrency, like Indexed Finance losing $16 million due to index pool management.

This news is republished from another source. You can check the original article here

Be the first to comment

Leave a Reply

Your email address will not be published.


*