DeFi platform hacks are nothing new for the industry, with numerous projects becoming victims of hackers and market manipulators. But the Pizza DeFi platform hack was the first case on the EOS blockchain.
Platform hack
According to a Twitter announcement, the hacker, named itsspiderman, exploited eCurve and minted an infinite amount of Tripool tokens, which he or she was able to deposit on the platform as collateral.
12/8, 8pm, hacker itsspiderman used exploit in eCurve to mint infinite Tripool tokens and deposit as collateral in PIZZA platform, drained all valuable assets. PIZZA losses $5 millions worth of tokens. We are working with slowmist, BPs, and other projects to manage to retrieve
— Pizza - EOS DeFi (@PizzaProFi) December 9, 2021
By using a large number of Tripool tokens, the hacker was able to open over-collateralized positions and drain real valuable assets and withdraw them to his or her own wallet. The lost tokens are valued at $5 million.
The platform's account has stated that it is going to try to retrieve the stolen funds in this unprecedented case in the industry. But at the same time, the previously hacked PolyChain DeFi protocol managed to receive all stolen funds back from the hacker.
Is there hope for the platform's users?
In the case of the PolyChain hack, the number of stolen funds was more significant than in Pizza's hack, which also means that it was significantly more difficult to make profits on that sum, which is not the case here.
The $5 million is already sitting in the hacker's private wallet, and there are no barriers for this person to realize the majority of stolen funds right now. SlowMist Blockchain Ecosystem Security company has also tweeted that the team is actively analyzing the hack in order to help with funds retrieval.
Denys Serhiichuk
Godfrey Benjamin
Yuri Molchan