Main navigation

Earning.farm Yield Platform Under Attack: Details

Advertisement
Sat, 15/10/2022 - 18:25
Earning.farm Yield Platform Under Attack: Details
Cover image via stock.adobe.com
Read U.TODAY on
Google News
Advertisement

Earning.farm, a user-friendly yield machine for Ethereum (ETH), Wrapped Bitcoin (WBTC) and USD Coin (USDC) holders, is exploited by malefactors.

Earning.farm drained for almost $1 million, here's how

As per a statement shared by California-based Web3 security vendor Supremacy Inc., earning.farm DeFi suffered two attacks yesterday, Oct. 15, 2022.

EFLeverVault, a key element of earning.farm DeFi's design, was targeted by flash loan attacks. Due to an architecture flaw of its contract, attackers managed to withdraw all Ethers (ETH) stored in the contract that was designed to act as collateral.

Advertisement

As explained by a seasoned blockchain security researcher Daniel Von Fange, a contract of EFLeverVault filed to verify the initiator of the large withdrawal:

The 750 ETH hack from EFLeverVault a few hours ago happened because the contract did not verify that flashloan callbacks were actually initiated by the protocol, allowing the attacker to tell the protocol to withdraw large amounts of funds

As a result, a total of 750 Ethers was siphoned from the protocol: 480 Ethers ended up in an MEV bot, while 268 Ethers were withdrawn by hackers.

Hack season instead of "Uptober"

As Ethereum (ETH), the second largest cryptocurrency, was changing hands at $1,300 yesterday on major spot trading platforms, net losses might exceed $950,000.

October 2022 will be remembered as a month of unmatched attacks against the mainstream DeFi infrastructure. On Oct. 7, 2022, a bridge between two elements of BNB Chain was exploited for $566 million.

Related

On Oct. 12, Solana-based liquidity protocol Mango was drained of $100 million as a malefactor managed to manipulate the price oracles.

Later, the Mango community agreed to pay the largest bug bounty to the hacker: they receive $47 million and return the rest of the funds affected.

Related articles

Advertisement
TopCryptoNewsinYourMailbox
TopCryptoNewsinYourMailbox
Advertisement
Advertisement

Recommended articles

Latest Press Releases

Our social media
There's a lot to see there, too

Popular articles

Advertisement
AD