[ad_1]
The Meter Passport token bridge platform suffered a $4.4 million loss from a smart contract hack, which also resulted in Hundred Finance losing $3.3 million through undercollateralized loans.
Meter.io’s Meter Passport (MTRG) is a token bridge compatible with Ethereum and its sidechains. The attack affected the Moon River side of the bridge.
Moonriver is a smart contract platform based on Polkadot’s Kusama network. Hundred Finance is a crypto lending platform based on Compound Finance code.
According to a report on February 6, around $4.4 million in Binance Coin (Binance Coin ( BNB) and wETH statement From the instrumentation team.In this case, any number of Ethereum was deposited into the Meter, which hackers used to exploit the vulnerability to mint tokens.
1. Around 6AM PT, we discovered that someone was able to exploit a vulnerability in the bridge to mint large amounts of BNB and WETH tokens and drain the bridge reserve of BNB on WETH.
– ⚡️Meter.io⚡️ (@Meter_IO) February 5, 2022
The attack created a cascading effect in the Kusama-based Moonriver ecosystem.After depleting Meter’s BNB and wETH reserves, attackers sold BNB On the popular decentralized exchange SushiSwap. This caused the price of BNB on Moonriver to plummet by 77% at the time.
Then, many opportunists took advantage of the price drop by buying cheap BNB. They use these tokens as collateral for Hundred Finance to take out FRAX and MIM stablecoin loans. However, due to the difference in BNB prices, the value of their loans exceeded the collateral they provided, leading to a supply crisis.
2/4. Accounts are able to buy BNB.bsc at lower prices and use these tokens as collateral to borrow unaffected assets on our platform at global Chainlink prices. Of these, MIM and FRAX are currently affected.
— Hundred Finance (@HundredFinance) February 6, 2022
Astonishingly, two of those loans were repaid, leaving the Hundred protocol with $3.3 million in outstanding losses. The Hundred team attempted to contact the parties involved and demand that they return the BNB tokens used as collateral to Meter.
The Meter team has pledged to compensate its community and Hundred Finance for losses suffered as a result of the hack.team statement On February 6, it had set aside $4.4 million in MTRG tokens to cover the initial losses.
Baijia Finance’s pseudonymous founder “Vfat” said in a statement genuine news February 6:
“Meter has of course accepted responsibility for this hack and intends to use their native tokens for reimbursement whenever possible, and we are currently in the stage of collecting addresses and amounts.”
related: Qubit Finance suffers $80 million loss in hack
Blockchain security company PeckShield estimated In total, 1,391 ETH and 2.74 wBTC were taken by attackers and sent to Ethereum Tokens passed Tornado Cash, an ETH transaction privacy tool.
The Baijia Finance team has not responded to a request for comment.
Preliminary details of Meter’s code exploitation Similar to Wormhole Hacking On February 3rd, 120,000 wETH ($321 million) was maliciously minted and withdrawn from Wormhole’s platform. In that incident, hackers exploited a smart contract vulnerability to mint wETH at will, and the tokens were sent to Ethereum, which was then laundered through Tornado Cash.
[ad_2]
Source link
