Home » Business » DeFi platform Raft’s Ethereum hack and losses expert analysis

DeFi platform Raft’s Ethereum hack and losses expert analysis

DeFi platform Raft lost about $3.3 million in Ethereum as a result of a hack. But the attack likely brought only losses to the attacker, experts found.

See more

An analyst under the nickname 0xngmi noted that the hacker withdrew a total of 1577 ETH (~$3.3 million) from the protocol. However, he sent 1570 ETH to the burn address, and only 7 ETH to his wallet.

For the attack, the attacker used 18 ETH, transferred through the Tornado Cash mixer. But after all the transactions and paying commissions, he was left with 14 ETH.

“The son of a bitch could go to jail for losing 4 ETH,” the expert wrote.

Raft provides the ability to issue the US dollar-pegged stablecoin R backed by liquid ether derivatives like stETH from Lido Finance.

The head of research at Wintermute, Igor Igambergiev, revealed the attack scheme. The attacker created two “child” contracts to issue 3000 R using 2 cbETH. He then liquidated the collateralized positions with 1,000 ETH received through flash loans.

See more

Liquidity manipulation increased the hacker’s collateral to 3,900 ETH, which he used to mint 6.7 million unsecured R. He then sold the tokens for ether for sale through some kind of mixer, Igambergiev suggested.

According to the expert, the attacker did not take into account that when converting assets, the function would access the storage from the main contract, in which the hacker’s address was not initialized.

See more

“So, instead of sending ETH to the attacker, the coins went to a zero address that does not have a private key, oops,” Igamberdiev explained.

Raft co-founder David Garay confirmed the hack and unauthorized withdrawal of funds from the protocol. The team has launched an investigation into the incident and promised to provide the community with detailed information.

See more

Platform suspended stablecoin emission.

According to CoinMarketCap, after the attack, the “stable coin” lost its peg to the dollar. At the time of writing, the asset is trading at around $0.08.

Let us remind you that the losses of the centralized crypto exchange Poloniex, hacked the day before, exceeded $124.5 million.

Subscribe to ForkLog on social networks

Found an error in the text? Select it and press CTRL+ENTER

ForkLog newsletters: keep your finger on the pulse of the Bitcoin industry!


2023-11-11 13:46:08
#hacker #previously #hacked #DeFi #project #Raft #ForkLog

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.