DeFi protocol Grim Finance lost $30 million in 5 times reentry hacking


Grim Finance, a Decentralized Finance (DeFi) agreement, reported that it lost $30 million due to the re-entry utilization of platform deposits.

Ruthless Finance Official Announce On December 18, an “external attacker” used the DeFi platform to steal cryptocurrency worth “over 30 million US dollars”.

According to Grim Finance, this hack is an “advanced attack” in which the attackers passed five vault contracts that reenter the recycling protocol, which allowed them to forge the other five deposits when the platform processed the first deposit. To the vault.

Grim suspended all vaults after the attack to minimize the risk of future funds: “We have suspended all vaults to prevent any future funds from being at risk. Please withdraw all funds immediately.”

Grim pointed out that they also notified entities involved in operating major cryptocurrencies, such as Circle (USDC), DAI and AnySwap, a cross-chain protocol on the attacker’s address, to freeze further fund transfers.

Grim Finance positions itself as a “compound rate of return optimizer” based on the DeFi-focused blockchain protocol Fantom, allowing users to mortgage liquidity providers’ tokens by adopting complex vault strategies.

According to data from Fantom (FTM) Blockchain Explorer, Grim Finance Exploiter continue Trading on December 19. One of the addresses associated with the exploit holds $1.2 million in Bitcoin (Bitcoin), $1.7 million in SpookyToken (BOO) and $13,700 in FTM tokens.

Some in the crypto community suggested that Grim Finance should be held responsible for the vulnerability due to failure to adopt appropriate reentrant protection tools. DeFi security platform also argued that the agreement provides users with “privileges beyond necessary.”

related: Redefining finance: From November 26 to December, two DeFi hackers broke through 120 million U.S. dollars, and the 500 million U.S. dollar Algo Fund was launched. 3

As hackers are eager to take advantage of the flaws in emerging industries, the increasing popularity of DeFi has brought many new challenges to the cryptocurrency industry. In early December, it was reported that the DeFi protocol BadgerDAO $120 million was exploited.