Onyx Protocol Exploiter Siphons $2.1M from Tornado Cash

The Onyx Protocol hacker strikes again, this time exploiting a familiar bug to siphon $2.1 million from Tornado Cash. Learn about this decentralized lending platform’s loss and the intriguing connection to a previous $7 million exploit.

In a twist of deja vu, the Onyx Protocol hacker has reared their head once more, making off with a substantial $2.1 million in a cunning exploit targeting Tornado Cash. The assailant capitalized on a known bug linked to the widely-used CompoundV2 fork, which had previously been employed to extort $7 million from Hundred Finance.

The incident unfolded on Oct. 27, and Onyx Protocol’s decentralized, peer-to-peer lending platform fell victim to an attack in a market devoid of liquidity. Notably, this security breach went undetected by the protocol. PeckShield, a blockchain investigator, shed light on the exploit, revealing the hacker’s modus operandi.

The hacker manipulated the so-called oPEPE market, utilizing donations to borrow funds from other markets with liquidity. Subsequently, the ill-gotten funds were redeemed by exploiting the familiar rounding issue.

This exploit’s eerie familiarity harks back to April 16, when the same bug was exploited to pilfer $7 million from Hundred Finance, a multichain lending protocol. In that instance, the attacker manipulated ERC-20 token exchange rates, enabling them to withdraw more tokens than initially deposited, as documented by CertiK.

 

Disclaimer: The information provided in this article is for educational and informational purposes only. It should not be considered financial advice from Cryptozi or any other entity. We want to emphasize that if readers use the content or services mentioned in this article, Cryptozi is not responsible for any resulting losses. Therefore, it is strongly advised to exercise caution and consult with financial professionals before making any financial decisions that could impact your financial situation.

Lastest

Canadians Exhibit Waning Crypto Enthusiasm in 2023

The OSC's "Crypto Assets Survey 2023" reveals a decline...

US Treasury Imposes Sanctions on Sinbad: Third Crypto Mixer Linked to Lazarus Group

The US Treasury's Office of Foreign Assets Control (OFAC)...

Changpeng Zhao Bold Move: From Corporate Life to Bitcoin All-In

Changpeng Zhao, former Binance CEO, shares his bold move...

Secret (SCRT) Initiates Proposal to Slash Inflation Rate: Community Votes Open

Secret (SCRT) proposes a significant reduction in inflation rates,...

Subscribe

spot_img

Related

Canadians Exhibit Waning Crypto Enthusiasm in 2023

The OSC's "Crypto Assets Survey 2023" reveals a decline...

US Treasury Imposes Sanctions on Sinbad: Third Crypto Mixer Linked to Lazarus Group

The US Treasury's Office of Foreign Assets Control (OFAC)...

Changpeng Zhao Bold Move: From Corporate Life to Bitcoin All-In

Changpeng Zhao, former Binance CEO, shares his bold move...

Secret (SCRT) Initiates Proposal to Slash Inflation Rate: Community Votes Open

Secret (SCRT) proposes a significant reduction in inflation rates,...

Binance Fallout: Bybit Emerges as Immediate Winner in Crypto Exchanges’ Shakeup

Binance faces turbulence as CEO steps down amidst AML...
spot_imgspot_img

Canadians Exhibit Waning Crypto Enthusiasm in 2023

The OSC's "Crypto Assets Survey 2023" reveals a decline in Canadian interest in cryptocurrency investments. Ownership has dropped from 13% to 10%, with skepticism...

US Treasury Imposes Sanctions on Sinbad: Third Crypto Mixer Linked to Lazarus Group

The US Treasury's Office of Foreign Assets Control (OFAC) sanctions cryptocurrency mixer Sinbad, alleging its involvement in money laundering for North Korean hackers, the...

Changpeng Zhao Bold Move: From Corporate Life to Bitcoin All-In

Changpeng Zhao, former Binance CEO, shares his bold move into Bitcoin a decade ago, quitting his job and selling his house. He stresses the...

LEAVE A REPLY

Please enter your comment!
Please enter your name here