The decentralized Finance industry (DeFi) bzx project has been attacked again. However, this time the amount of loss is even greater – the attacker stole 2,388 ETH (about $645,000).
On the social network Twitter, a message appeared that bZx has again suspended operations due to suspicious transactions on the Synthetix Protocol using fast loans. As before, the hacker took advantage of the vulnerability of the price Oracle.
“We can neutralize this attack, just like last time,” bzx co – founder Kyle Kistner wrote in the official telegram channel.
However, even if the work of bZx was suspended again, the losses from the hacker’s actions will not go away. Yesterday, the company published a detailed report on the actions of hackers during the previous attack.
In fact, hackers used several credit services to change the liquidity in the stream of UniSwap quotes and play on the price difference. Last time, the attacker took a loan of 10,000 ETH on the dYdX platform, and then sent half of the ETH to the Compound app to secure a loan of 112 wBTC.
5,637 ETH was exchanged for 51 wBTC via the UniSwap Protocol, which caused a lack of liquidity and an increase in the value of the coin. After that, 112 wBTC were exchanged again on the UniSwap Protocol for 6,871 ETH. Thus, the attacker made a profit of 1,193 ETH. After that, the 10,000 ETH loan was returned.