Trusted

Midas Capital Releases $660,000 Exploit Post Mortem, DeFi Attacks Carry Into 2023

2 mins
Updated by Kyle Baird
Join our Trading Community on Telegram

In Brief

  • DeFi lending and borrowing platform Midas Capital released a postmortem on a $660,000 exploit.
  • The attacker used a flash loan exploit on a new collateral option for a Jarvis Network pool.
  • The team has reached out to the attacker and offered a bug bounty in the hopes that the funds will be returned.
  • promo

Midas Capital suffered a $660,000 exploit after an attacker used a flash loan exploit on a Jarvis Polygon pool. The team has released a postmortem explaining what happened.

DeFi lending and borrowing platform Midas Capital has released a postmortem on the $660,000 exploit it experienced on Jan. 16. Midas Capital paused the borrowing on the Jarvis Polygon pool, which was the source of the exploit. The team said that a suspicious transaction used a recently added collateral token.

Not long after the exploit, the team released the postmortem. It stated that Midas listed the WMATIC-stMATIC Curve LP token only a few days ago. This was not yet announced and had a supply cap of $250,000.

The Jarvis Network team and Midas Capital were discussing adding new collateral options and placing supply caps to prevent large borrows. This wasn’t enough to prevent the exploit, which was the popular flash loan kind that has plagued the market for years.

The flash loan exploit saw the attacker inflation the price of the LP token, borrowing against it. They made away with over $660,000 of jAssets. The team admitted that it made a judgment error, thinking that the reentrancy would it had seen in the past would not affect the chain’s native ‘raw_call’ function.

Devs Reach Out to Offer Bounty

The developers have made attempts to recover the funds. They have reached out to the attacker in the hopes that they will return it, offering a bug bounty in return. So far, there have been no updates on whether the attacker has responded.

Meanwhile, the team is looking at other ways to deal with the losses. They are conducting internal processes to prevent a repeat of the attack. It notes that establishing borrowing limits on newly added collateral or having a cooldown period would have limited the attack surface.

The Midas Capital team claims it will focus on exercising caution when adding new collateral and work on developing a risk assessment framework. It also plans to add more checks and balances.

Crypto Community Hopes 2023 Will Be Better

DeFi exploits continue to haunt the market, and these don’t seem to have waned in the past year. In 2022, the value of losses that the crypto and DeFi market hit was $3.9 billion, with ImmuneFi highlighting that there were 168 incidents. Only $204 million was recovered, amounting to 5.2% of the total value.

However, white hat hackers have contributed towards security considerably. They have saved over $20 billion from hacks in 2022, and perhaps this might reduce the value lost in 2023. Even the FBI has chimed in, offering safety tips to DeFi users.

🎄Best crypto platforms in Europe | December 2024
eToro eToro Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
Coinbase Coinbase Explore
3Commas 3Commas Explore
🎄Best crypto platforms in Europe | December 2024
eToro eToro Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
Coinbase Coinbase Explore
3Commas 3Commas Explore
🎄Best crypto platforms in Europe | December 2024

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

Rahul-Nambiampurath.jpg
Rahul Nambiampurath
Rahul Nambiampurath's cryptocurrency journey first began in 2014 when he stumbled upon Satoshi's Bitcoin whitepaper. With a bachelor's degree in Commerce and an MBA in Finance from Sikkim Manipal University, he was among the few that first recognized the sheer untapped potential of decentralized technologies. Since then, he has helped DeFi platforms like Balancer and Sidus Heroes — a web3 metaverse — as well as CEXs like Bitso (Mexico's biggest) and Overbit to reach new heights with his...
READ FULL BIO
Sponsored
Sponsored