According to blockchain analytic company PeckShield, the decentralized finance (DeFi) project Onyx protocol has lost $2 million worth of Ethereum (ETH) to exploiters.
PeckShield informed community members about an exploit worth $2.1 million. Furthermore, the wallet address of the Onyx protocol exploiter has a balance of 1,164 ETH (approx $2.1 million).
How Hackers Stole Over $2 Million From Onyx Protocol
The hackers swapped some tokens, such as PEPE, USDC, USDT, Wrapped Bitcoin (WBTC), PAX Gold (PAXG), DAI, and Chainlink (LINK) for ETH. And later stole the ETH tokens and transferred them to their wallet.
Later, the hackers stole an additional $61,800, taking the total to around $2.2 million. Eventually, the attackers moved the funds to another wallet and have been siphoning it off through the crypto mixer Tornado Cash.
Read more: Top 7 Tornado Cash Alternatives in 2023
The Onyx protocol is yet to comment on the incident. Meir Dolev, the CTO of blockchain security firm Cyvers, told BeInCrypto:
“The recent security breach in @OnyxProtocol resulted in an approximate loss of $2.2 million due to a recognized rounding problem inherent in the widely-used CompoundV2 fork.”
A similar vulnerability was used to take advantage of Hundred Finance in last April, leading to a loss of around $7 million.
Dolev added:
“In simple terms, the oPEPE market was set up 5 days ago but didn’t have any funds in it. Some people took advantage of this by pretending to donate money, which let them borrow from other markets that did have funds. They then took back the ‘donated’ money by taking advantage of a known issue with how amounts were being rounded off.”
On Tuesday, hackers targeted the Telegram bot Unibot to steal around $640,000. And last week, another Telegram trading bot, Maestro, became the target of attackers.
Read more: Crypto Project Security: A Guide to Early Threat Detection
Do you have anything to say about this article anything else? Write to us or join the discussion on our Telegram channel. You can also catch us on TikTok, Facebook, or X (Twitter).
For BeInCrypto’s latest Bitcoin (BTC) analysis, click here.
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.
