Main navigation

DeFi Hack Series Continues: Another Protocol Lost $40 Million

Sun, 12/19/2021 - 14:17
article image
Arman Shirinyan
Though decentralized platforms bring numerous advantages to blockchain users, the security of funds on platforms remains questionable
DeFi Hack Series Continues: Another Protocol Lost $40 Million
Cover image via
Read U.TODAY on
Google News

Another DeFi protocol has become a victim of hacking. According to security researcher Vahe Karapetyan, the estimated loss of GrimFinance totals $40 million and was made with a similar vulnerability as that tied to flash loans and liquidity.

Hack's sequence

First of all, the hacker grabbed a flash loan for two tokens and added liquidity on SpiritSwap, which allowed him or her to mint SPIRIT liquidity rewards and make a deposit call.

Then the sequence of various commands allowed the hacker to gain control over a large amount of flash loaned tokens. With the usage of the Spirit LP token, the hacker was able to make a re-deposit, which allowed him to stack a large number of additional tokens.

Currently, the transaction page counts more than 40 transactions made during the hacking sequence. The estimated loss was counted by adding up all the transactions, including Bitcoin and the wrapped Fantom tokens.

The aforementioned funds have not yet been transferred to any exchange or address. With the majority of funds remaining on only one address, centralized exchanges would be able to limit the hacker's wallet similar to the Poly.Network case.

Series of DeFi hacks

Grim.Finance is not the first case of funds being stolen on the market. Previously, the Vee.Finance contract was hacked by an anonymous individual who stole $35 million in various cryptocurrencies.

Ethereum Co-Founder Vitalik Buterin Meets Former President of Argentina

While both cases could be considered quite significant, they cannot compete with the Poly Network hack that yielded $600 million. The stolen funds were returned, which raised numerous concerns in the DeFi community that the whole situation was a publicity stunt.

Only a month ago, the cross-chain decentralized platform backed by Alameda Research's ChainSwap also became a victim of blockchain pirates, with more than 10 tokens being affected by the hack. Roughly $8 million worth of tokens were stolen from users.

article image
About the author

Arman Shirinyan is a trader, crypto enthusiast and SMM expert with more than four years of experience.

Arman strongly believes that cryptocurrencies and the blockchain will be of constant use in the future. Currently, he focuses on news, articles with deep analysis of crypto projects and technical analysis of cryptocurrency trading pairs.