In a recent security breach, Decentralized finance (DeFi) platform Sturdy Finance has lost 442 Ether (ETH), approximately $800,000, due to a flaw in its price oracle system. The attacker reportedly took advantage of this vulnerability, enabling them to siphon off the substantial sum from the platform.
The alarming situation came to light on June 12, when blockchain security firm PeckShield identified and reported a suspicious transaction seemingly linked to price manipulation within Sturdy Finance. Almost an hour after this notification, Sturdy Finance acknowledged the security compromise. As a safety measure, all markets under the DeFi protocol were immediately paused to prevent further potential losses, and users were assured that no additional funds were in jeopardy.
However, even with the timely intervention, the culprit managed to transfer nearly $800,000 in ETH to cryptocurrency mixer Tornado Cash. PeckShield confirmed that the underlying cause of this unauthorized transaction was a flawed price oracle, a critical system component that provides price feeds to the platform.
In further analysis, another blockchain security company, BlockSec, revealed that the hacking was executed through a reentrancy attack. This technique allows hackers to repeatedly call a function within a single transaction before the first function call has completed, hence enabling them to withdraw more funds than should normally be allowed.
Meanwhile, in a separate incident, fraudsters managed to hijack eight Twitter accounts belonging to prominent figures in the cryptocurrency world. These included the accounts of well-known DJ Steve Aoki, Pudgy Penguins founder Cole Villemain, and even outspoken crypto skeptic Peter Schiff. Blockchain investigator ZachXBT estimated that the hackers made off with nearly $1 million in crypto assets.
Elsewhere, the US Justice Department has recently indicted two individuals, 43-year-old Alexey Bilyuchenko and 29-year-old Aleksandr Verner, for their alleged involvement in the infamous Mt. Gox hack. The duo is accused of stealing and conspiring to launder an enormous amount of 647,000 Bitcoin.
Other Stories:
SEC lawsuits prompt Binance and Coinbase users to flock to Bitget
Is crypto mining legal in the UK?
