- The address linked with the attacker has transmitted more than 2,100 ETH.
- The attacker used protocol’s vulnerability to drain the money and used a crypto mixer.
Following a “re-entrancy” assault on the decentralized finance (DeFi) lending protocol apps Agave and Hundred Finance, a hacker stole around $11 million in wrapped ether (wETH), wrapped bitcoin (wBTC), Chainlink (LINK), USD Coin (USDC), Gnosis (GNO), and wrapped XDAI (wxDAI).
The incident comes less than 24 hours after the announcement of the Deus Finance vulnerability. According to reports, hackers stole more than $3 million in Dai (DAI) and Ether (ETH) from the loan contract platform.
According to statistics, the value of the Agave token AGVE plummeted by 20% due to the hack. Following the vulnerability disclosure, the Hundred Finances token HND plummeted by 3.5 percent. However, it has now rebounded to reach a new 24-hour record. The Hundred Finance team also tweeted that it had been exploited on the Gnosis blockchain and halted its markets while investigating the situation.
The address linked with the attacker has transmitted more than 2,100 ETH, valued at more than $5.5 million, to a crypto mixer to launder the stolen tokens, according to the on-chain analysis of the transaction. Additionally, the attacker used this vulnerability to drain the money from the protocols by borrowing against the collateral they had posted repeatedly until the funds were completely depleted.
Shegen, a solidity developer and the inventor of an NFT liquidity protocol application, tweeted that she had lost $225,000 due to the hack. Following her studies, she discovered that the attack was successful due to a vulnerability of the wETH contract function on the Gnosis Chain, which allowed the attacker to continue borrowing cryptocurrency before the applications could compute the debt and block additional borrowing.