Trusted

$2 Million Hacked From This DeFi Protocol

2 mins
Updated by Ali Martinez
Join our Trading Community on Telegram

In Brief

  • Unizen' was exploited for $2.1 million in a recent exploit carried out by a trade aggregator attack that corrupted smart contracts.
  • Peckshield asked Unizen to fix the external call vulnerability on March 8, following which Unizen promised to reimburse some users.
  • Halborn has identified several projects that lost investors more than $300 million in February alone, some through smart contracts.
  • promo

The DeFi protocol Unizen recently suffered a hack, resulting in approximately $2 million in losses.

This incident is part of a growing trend of security issues within the DeFi space, highlighted by several attacks on major platforms, including PlayDapp.

Unizen Addresses Smart Contract Vulnerability

In response to the hack, blockchain cybersecurity firm PeckShield identified a critical “external call vulnerability” in one of Unizen’s smart contracts. This flaw allowed hackers unauthorized access to execute commands, leading to the theft. PeckShield recommended that Unizen revoke approvals linked to a certain trade aggregator to mitigate further risk since the attacker converted the stolen USDT into DAI but has yet to move the funds.

An “external call vulnerability” represents a significant security risk. External parties can manipulate data or extract funds by executing unintended functions within a smart contract.

The Unizen team has been working diligently to enhance the platform’s security and address the attack’s aftermath. To compensate the affected users, Unizen’s CEO, Sean Noga, has pledged to use personal funds to cover 99% of the losses, with repayments to be made in USDT or USDC. The timeline for these repayments is currently unspecified.

“Our CEO / Founder, Sean Noga, has decided to loan Unizen the majority of the immediate reimbursement at 0% interest with his personal funds in order to maintain our operational speed and efficiency… All wallets who were compromised with 750K USD or less in equivalent value will receive reimbursement as soon as humanly possible,” Unizen said.

Read more: Crypto Project Security: A Guide to Early Threat Detection

losses crypto hacks 2023
Value Lost From Crypto Incidents. Source: Chainalysis

Unizen specializes in decentralized trading, providing users access to various DeFi protocols, liquidity pools, and financial services. It stands out for its cross-chain interoperability, allowing users to engage with multiple Web3 applications through a single exchange aggregator.

This $2 million hack underscores the ongoing security challenges in the DeFi ecosystem. February alone saw multiple DeFi platforms targeted by smart contract exploits, leading to significant financial losses.

Blueberry protocol lost $1.35 million because of the way its smart contracts handled decimal numbers. The crypto gambling platform DuelBits also lost $4.6 million due to a compromise of its own hot wallet. Meanwhile, Gaming platform PlayDapp suffered an attack that allowed a hacker to add a malicious address as an official minting address.

These incidents emphasize the need for improved security measures and early threat detection within the DeFi community.

Read more: 15 Most Common Crypto Scams To Look Out For

The FBI’s 2023 Internet Crime Report highlighted the growing concern over cryptocurrency-related crimes, with thousands of incidents reported last year. Additionally, a new form of crypto theft involving “drainer kits” has emerged, further complicating crypto users and platforms.

“The IC3 data suggests fraudsters are increasingly using custodial accounts held at financial institutions for cryptocurrency exchanges or third-party payment processors, or having targeted individuals send funds directly to these platforms where funds are quickly dispersed,” FBI agents wrote.

With the rising number of security breaches, DeFi platforms and users must remain vigilant against the threats that loom over the cryptocurrency market.

Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

David-Thomas.jpg
David Thomas
David Thomas graduated from the University of Kwa-Zulu Natal in Durban, South Africa, with an Honors degree in electronic engineering. He worked as an engineer for eight years, developing software for industrial processes at South African automation specialist Autotronix (Pty) Ltd., mining control systems for AngloGold Ashanti, and consumer products at Inhep Digital Security, a domestic security company wholly owned by Swedish conglomerate Assa Abloy. He has experience writing software in C...
READ FULL BIO
Sponsored
Sponsored