The current week has not left the area of Decentralized Finance (DeFi) untouched. On the contrary, yield farming protocol TempleDAO and derivatives platform MangoMarkets were exploited on October 11.
As PeckShieldAlert announced on Twitter yesterday, an attacker had cleared 1,831 ETH from a smart contract on the TempleDAO platform – the equivalent of almost 2.4 million US dollars. The reason for this was a vulnerability in the StaxLPStaking smart contract.
Like the DeFi project STAX afterwards tweeted, it was apparently a single entity from which the exploit started. As the crypto project subsequently announced, it is now working together with the crypto exchange Binance to locate the attacker.
We are working on this together with Binance and will place a white hat bounty on the attacker. We will increase the existing reward at Hats Finance and establish a secure connection in case the hacker decides to return the money to get the legitimate reward.
STAX
Mango Markets is also suffering
Things are looking far bleaker for the DeFi protocol Mango Markets. The estimated damage here is currently 100 million US dollars. However, the attacker offers to return the stolen money.
Like the attacker on the Mango Markets platform announcedhe wants to return the loot if Mango Market agrees to use $70 million in USDC to pay off old debts.
Apparently, in June, Mango Markets, together with the lending platform Solend, took money out of the log to pay off the debt of an unknown whale. His debts totaled $207 million and were spread across different lending protocols. The sum was apparently so large that if liquidated it would have endangered the stability of the entire protocol. According to the attacker’s request, they should now pay back this money.
The absurd thing about it: The attacker uses the coins he stole to vote for his own proposal in the minutes. In doing so, he takes the term “decentralized autonomous organization” (DAO) ad absurdum.
As a single entity, he steals coins, submits a proposal, and uses his stolen coins to vote for his own proposal. Little bonus from the hacker troll: If his proposal is accepted (it looks good at the moment), he will not be prosecuted.
By voting in favor of this proposal, Mango token holders agree to pay the bounty and pay off the Treasury debt. Also, they will not have any claims against the holder [der Schulden] do not seek criminal prosecution and do not freeze any accounts once the tokens are redeemed.
hacker
You want to compare the best wallets?
In our BTC-ECHO comparison portal we show you the best wallets with which you can store your crypto assets safely.
To the wallet comparison