Main navigation Yield Platform Under Attack: Details

Sat, 15/10/2022 - 18:25 Yield Platform Under Attack: Details
Cover image via
Read U.TODAY on
Google News
Advertisement, a user-friendly yield machine for Ethereum (ETH), Wrapped Bitcoin (WBTC) and USD Coin (USDC) holders, is exploited by malefactors. drained for almost $1 million, here's how

As per a statement shared by California-based Web3 security vendor Supremacy Inc., DeFi suffered two attacks yesterday, Oct. 15, 2022.

EFLeverVault, a key element of DeFi's design, was targeted by flash loan attacks. Due to an architecture flaw of its contract, attackers managed to withdraw all Ethers (ETH) stored in the contract that was designed to act as collateral.

As explained by a seasoned blockchain security researcher Daniel Von Fange, a contract of EFLeverVault filed to verify the initiator of the large withdrawal:

The 750 ETH hack from EFLeverVault a few hours ago happened because the contract did not verify that flashloan callbacks were actually initiated by the protocol, allowing the attacker to tell the protocol to withdraw large amounts of funds

As a result, a total of 750 Ethers was siphoned from the protocol: 480 Ethers ended up in an MEV bot, while 268 Ethers were withdrawn by hackers.

Hack season instead of "Uptober"

As Ethereum (ETH), the second largest cryptocurrency, was changing hands at $1,300 yesterday on major spot trading platforms, net losses might exceed $950,000.

October 2022 will be remembered as a month of unmatched attacks against the mainstream DeFi infrastructure. On Oct. 7, 2022, a bridge between two elements of BNB Chain was exploited for $566 million.


On Oct. 12, Solana-based liquidity protocol Mango was drained of $100 million as a malefactor managed to manipulate the price oracles.

Later, the Mango community agreed to pay the largest bug bounty to the hacker: they receive $47 million and return the rest of the funds affected.


Latest Press Releases

Our social media
There's a lot to see there, too

Popular articles