Reentrancy, price oracle attacks and exploits across seven protocols caused the decentralized finance (DeFi) space to bleed at least $21 million in crypto in February.
According to DeFi-centric data analytics platform DefiLlama, one of the largest in the month was the flash loan reentrancy attack on Platypus Finance, which led to $8.5 million of funds lost.
DefiLlama highlighted six other noteworthy hacks in the month, the first being the price oracle attack on BonqDAO on Feb 1.
BonqDAO revealed to its followers in a Feb. 1 post that its Bonq protocol was exposed to an oracle attack that allowed the exploiter to manipulate the price of the AllianceBlock (ALBT) token.
The exploiter increased the ALBT price and minted large amounts of BEUR. The BEUR was then swapped for other tokens on Uniswap. Then, the price was decreased to almost zero, which triggered the liquidation of ALBT troves.
Blockchain security firm PeckShield estimated the losses to be around $120 million, however, it was later revealed hackers reportedly only cashed out around $1 million due to a lack of liquidity on BonqDAO.
Just a day later, decentralized exchange Orion Protocol suffered a loss of roughly $3 million on Feb. 2 through a reentrancy attack, where attackers used a malicious smart contract to drain funds from a target with repeated withdrawal orders.
We have been investigating this very sophisticated attack from the minutes it occurred. We will not reopen the Deposit function until we feel confident that the bug has been fixed which will only be after successfully passing new audits from leading audit firms.
Orion Protocol CEO Alexey Koloskov confirmed the attack at the time, assuring everyone, "All users' funds are safe and secure."
"We have
Read more on cointelegraph.com