The latest decentralized finance protocol to suffer a multi-million dollar exploit this year is MonoX Finance.
It went on to explain that its swap contract was exploited enabling the malicious actor to artificially inflate the price of its MONO token before using it to purchase all the other assets in the pool. The exploit was caused by a smart contract bug that led to incorrect price updates when conducting token swaps.
The team also appealed to the attacker in an effort to recover some of the funds:
We also really wish to have a chance in talking with the “hacker”. We value very much for what we’ve built for the current and future MonoX, and most importantly our users and their funds; PLEASE reach out to us,
The attacker used Tornado Cash to add a privacy layer to the transactions according to PeckShield.
MonoX is a multi-chain DEX that attempts to solve the capital inefficiencies created by liquidity pairs by using a single token pool model.
2021: A year of DeFi exploits
MonoX is the latest in a long list of DeFi protocols that have been exploited this year. The majority of them have been on the Binance Smart Chain network but others such as Polygon and Avalanche have seen protocols hacked.
So far, the list of exploited BSC protocols includes PancakeBunny, Cream Finance, bEarn, Bogged Finance, Uranium Finance, Meerkat Finance, SafeMoon, Spartan Protocol, and Belt Finance.
On Oct 15, Indexed Finance lost $16 million in a hack that exploited its balanced pools and on Oct 30, the BSC-based lending protocol BXH was exploited for as much as $130 million.
According to DeFiYield’s Rekt Database, November has seen exploits on Snowdog, Visor Finance, Ploutoz Finance, Unlock Protocol, Zenon Network, Blizzard, and bZx again.
MONO token price dumps
Unsurprisingly, the MONO token has collapsed, shedding 16% on the day to below $5. The token has lost 33% over the past five days since it hit an all-time high of $7.48 on Nov 26.