$90 Million Hack Goes Unnoticed for Seven Months
Mirror Protocol is a decentralized application on the Terra chain that allows for the creation of digital synthetics which track the price of real-world assets.
On May 17th, community members discovered a bug in the Mirror Protocol’s code that allowed a hacker to gradually siphon as much as $90 million, starting from October 8th, 2021.
According to a user under the alias of “FatMan“, the bug allowed the hacker to unlock other users’ collateral on Mirror Protocol, and withdraw it for themselves.
The bug in Mirror’s code has been exploited “hundreds of times” since 2021, allowing the hacker to suck $89,706,164.03 out from the protocol.
On-chain data indeed confirms that the hacker unlocked UST funds in the Mirror protocol multiple within the same transaction, paying only about $17.54 to do so.
Mirror Protocol Suffers Another Hack
Just days after the discovery, the DeFi protocol suffered a further attack on May 30th.
According to reports, the latest hack was caused by an error in the configuration of its price oracles, leading to the attacker taking advantage of a mismatched price between the old LUNC token, and the new LUNA token.
The attack was made possible due to the fact that the Terra nodes were running on outdated oracle software. According to the Chainlink community member who spotted the attack, the hacker drained upwards of $2 million from the protocol.
On the Flipside
Why You Should Care
While this is certainly not the first DeFi exploit in history, it is by far the longest it has taken for one to be reported. The pressure continues to pile on for Terra.
To get a grasp of how DeFi works, read:
Introduction to Decentralized Finance (DeFi): A Comprehensive Guide
To find out how Terra is performing, check out:
Terra (LUNA) Tanks 70% Just Hours After the Terra 2.0 Mainnet Goes Live
Continue reading on DailyCoin
Source: Cryptocurrency - investing.com