See More

EasyFi Network Details $6M DeFi Hack in Latest Postmortem

2 mins
Updated by Kyle Baird
Join our Trading Community on Telegram

In Brief

  • EasyFi Protocol founder's computer compromised.
  • Liquidity pools drained via MetaMask.
  • EASY token dumps 50%.
  • promo

The platform has released a postmortem detailing the incursion.The latest decentralized finance (DeFi) protocol to suffer at the hands of hackers is EasyFi.

In an April 20 blog post, founder and CEO of the EasyFi DeFi protocol, Ankitt Gaur, detailed an attack that resulted in the loss of as much as $6 million from its liquidity pools.

The incursion, which happened on April 19, was a targeted attack compromising the admin and mnemonic keys. This allowed the hacker to access funds and make off with almost 3 million EASY tokens.

“We gained validation to the initial reports about the targeted attack on the founder’s machine/MetaMask to access admin keys and execute the well-planned hack.”

Targeted DeFi hack

Gaur stated that he was first alerted to large transactions from protocol wallets. The hacker accessed existing liquidity in protocol pools in USD, DAI, and USDT in order to transfer 2.98 million EASY tokens to their wallet address.

He added that EasyFi smart contracts were not compromised. It was a targeted mnemonic hack upon Gaur’s own computer using a planned remote attack to access MetaMask.

“Since the machine was not used for daily operations and is used solely for the purpose of official transfers. The hacker waited for the right time to execute the hack in a well-planned manner.”

Gaur stated that most MetaMask attacks phish private keys or passphrases. However, in this instance, the computer was compromised and the wallets accessed directly from the hard drive.

He added that the tokens had yet to be sold due to liquidity restraints. Gaur offered a $1 million reward should the hacker return the funds in full.

The incident reinforces the premise that DeFi protocols are not really decentralized if the “CEO” still holds all the keys. It’s similar to the hack that targeted Nexus Mutual Founder Hugh Karp in December 2020. However, the $8 million was lifted from Karp’s personal wallet, not the protocol itself.

EasyFi is a Layer 2 DeFi lending protocol designed for digital assets powered by the Polygon (formerly Matic) Network. It launched on Binance Smart Chain in early April and partnered with PancakeSwap for yield farming incentives.

EASY token price crashes

EasyFi’s native token crashed almost 50% as the news broke, falling from around $26 to $13.50 in under 24 hours.

At the time of writing EASY had recovered marginally and was trading at $17.65.

Top crypto platforms in the US | March 2024
Coinbase Coinbase Explore →
AlgosOne AlgosOne Explore →
Chain GPT Chain GPT Explore →
iTrustCapital iTrustCapital Explore →

Trusted

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

profile.jpg
Martin Young
Martin Young is a seasoned cryptocurrency journalist and editor with over 7 years of experience covering the latest news and trends in the digital asset space. He is passionate about making complex blockchain, fintech, and macroeconomics concepts understandable for mainstream audiences.   Martin has been featured in top finance, technology, and crypto publications including BeInCrypto, CoinTelegraph, NewsBTC, FX Empire, and Asia Times. His articles provide an in-depth analysis of...
READ FULL BIO
Sponsored
Sponsored