defi attack
Inverse Finance exploited again for $1.2M in flashloan oracle attack
Just two months after losing $15.6 million in a price oracle manipulation exploit, Inverse Finance has again been hit with a flashloan exploit that saw the attackers make off with $1.26 million in Tether (USDT) and Wrapped Bitcoin (WBTC). Inverse Finance is an Ethereum based decentralized finance (DeFi) protocol and a flashloan is a type of crypto loan that is usually borrowed and returned within a single transaction. Oracles report outside pricing information. The latest exploit worked by using a flashloan to manipulate the price oracle for a liquidity provider (LP) token used by the protocol’s money market application. This allowed the attacker to borrow a larger amount of the protocol’s stablecoin DOLA than the amount of collateral they posted, letting them pocket the difference. The at...
Maiar decentralized crypto exchange goes offline after bug discovery
Minutes before 12 a.m. UTC on June 6, the CEO and co-founder of the Elrond Network, Beniamin Mincu, tweeted that he and his team were “investigating a set of suspicious activities” on the Maiar decentralized crypto exchange (DEX). Soon after the exchange was taken offline with Mincu reporting the issue was identified and an “emergency fix” was being implemented. In a Twitter thread posted almost 24 hours later around 11 p.m. UTC on June 6, Mincu said a potentially critical bug was identified which opened “an exploit area that we simply had to address and mitigate immediately.” The suspicious activities have been possibly identified and explained in a Twitter thread by pseudonymous on-chain analyst “Foudres” who revealed the potential attacker deployed a smart contract that someho...
