1. BITBILIHome
  2. Article

Hacker exploits vulnerability, drains $455,000 from DeFi protocol Arcadia Finance

34 views

TL;DR Breakdown

  • Hacker exploits code vulnerability in Arcadia Finance, draining approximately $455,000 from the DeFi protocol’s Ethereum and Optimism vaults.
  • The breach highlights the need for improved input validation and reentrancy protection in decentralized finance platforms.
  • The incident contributes to the growing number of cyber attacks in the crypto space, prompting concerns about security and the potential impact on the Optimism network’s revenue and future growth.

Description

Arcadia Finance, a noncustodial protocol supporting on-chain cross-margin accounts, fell victim to a cyber attack that resulted in the loss of approximately $455,000. However, the hacker exploited a code vulnerability, exposing a weakness in the platform’s validation mechanism. The vulnerability allowed unverified inputs to go unchecked, enabling the hacker to drain funds from Arcadia Finance’s … Read more

Arcadia Finance, a noncustodial protocol supporting on-chain cross-margin accounts, fell victim to a cyber attack that resulted in the loss of approximately $455,000. However, the hacker exploited a code vulnerability, exposing a weakness in the platform’s validation mechanism. The vulnerability allowed unverified inputs to go unchecked, enabling the hacker to drain funds from Arcadia Finance’s Ethereum (darcWETH) and Optimism (darcUSDC) vaults.

Code vulnerability leads to significant losses

The breach was first discovered by PeckShield, a prominent cybersecurity firm known for its expertise in the blockchain domain. PeckShield promptly alerted Arcadia Finance about the hack, emphasizing the lack of untrusted input validation as the primary cause of the exploit. Following PeckShield’s intimation, 

The perpetrator demonstrated a swift response by successfully transferring an estimated 179.3 ETH from the Optimism[OP] network. This sum was attained by utilizing a combination of 148 ETH, which had been bridged from the Ethereum network, and approximately 59,000 USDC that was swapped.

The stolen funds were laundered through Tornado Cash, a decentralized privacy solution for cryptocurrencies. However, the stolen tokens on the Ethereum network, valued at over $103,000 at the time of writing, remain parked in the suspected wallet address, awaiting further investigation.

Arcadia Finance acknowledged the breach and swiftly halted its contracts to prevent further loss of funds.

PeckShield also disclosed an additional vulnerability within Arcadia Finance’s code. This vulnerability, known as a lack of reentrancy protection, poses a severe risk to the protocol’s internal vault health check. If exploited, this vulnerability could have severe consequences for the platform.

The incident adds to the growing list of cyber attacks and exploits that have plagued the cryptocurrency space during the second quarter of 2023. A recent report by CertiK, a leading blockchain security company, revealed that a total of 212 security incidents occurred during the quarter, resulting in a staggering loss of $313,566,528 from Web3 protocols.

Defi Llama’s data reveals that Arcadia Finance’s TVL has taken a significant hit in the past few days due to the prevailing uncertainty surrounding the company.

Screenshot 2023 07 10 at 11.53.57 AMHacker exploits vulnerability, drains 5,000 from DeFi protocol Arcadia Finance
Arcadia Finance’s TVL declines. Source: DeFi Llama

Impact on Optimism network and future growth

The exploitation of Arcadia Finance affected the protocol and had implications for the broader Optimism network. Token Terminal’s data indicates that although the number of daily active users on Optimism experienced a robust growth rate of 3.9% over the past week, the platform’s revenue witnessed a significant decline. In just the last seven days, the revenue generated by Optimism plummeted by 52.6%.

This decline in revenue raises concerns about the long-term growth prospects of the Optimism network. Moreover, the OP token, which is closely associated with Optimism, has experienced a substantial decline in price over the past month. Additionally, the velocity of OP token trading has diminished, indicating a decrease in trading activity. It is important to note that the OP token was trading at $1.18 at the time of writing. 

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

文章来源于互联网:Hacker exploits vulnerability, drains $455,000 from DeFi protocol Arcadia Finance

Disclaimers:

1. You are solely responsible for your investment decisions and this info is not liable for any losses you may incur.

2. The copyright of this article belongs to the writer, it represents the writer's opinions only, not represents the site's ones. Not financial advice.

Previous 2023年7月11日 03:33
Next 2023年7月11日 04:44

Related articles

  • From Asia with crypto: This week’s top 10 news

    TL;DR Breakdown Hong Kong’s SFC Issues: JPEX platform faces regulatory challenges in Hong Kong for unlicensed operations, leading to a freeze on its substantial assets. South Korea’s Crypto Evolution: Shareholders of major exchanges face qualification reviews amid increased legislative scrutiny, with over 70% of overseas assets declared being in cryptocurrency. Singapore’s Regulatory Push: MAS steps up its oversight on digital assets to curb misconduct, while a major money-laundering case involving several banks surfaces. Description Asia – the pulsating heart of the crypto world, teeming with innovation, intrigue, and at times, deception. While the continent brims with stories, here’s a sharp look at the top ten that caught my attention this week, as we navigate the complicated terrain of cryptocurrencies in the East. Hong Kong: Scandals and Invitations Hong Kong’s … Read more Asia – the pulsating heart of the crypto world, teeming with innovation, intrigue, and at times, deception. While the continent brims with stories, here’s a sharp look at the top ten that caught my attention this week, as we navigate the complicated terrain of cryptocurrencies in the East….

    Article 2023年9月25日

  • Hungarian artist sells computer-generated NFTs for $1.2 million

    TL;DR Breakdown Hungarian artist Vera Molnár has sold out a series of computer-generated NFTs for $1.2 million. Navigating the impact of NFTs on the art world. Description In a groundbreaking event, Hungarian artist Vera Molnár collaborated with Martin Grasser to create a series of computer-generated nonfungible tokens (NFTs) that sold out during Sotheby’s Dutch auction for an impressive 631 Ethereum, equivalent to approximately $1.2 million, in under one hour. The collection, titled “Themes and Variation,” comprises 500 unique collectibles generated through an … Read more In a groundbreaking event, Hungarian artist Vera Molnár collaborated with Martin Grasser to create a series of computer-generated nonfungible tokens (NFTs) that sold out during Sotheby’s Dutch auction for an impressive 631 Ethereum, equivalent to approximately $1.2 million, in under one hour. The collection, titled “Themes and Variation,” comprises 500 unique collectibles generated through an algorithmic combination of 170 color palettes and recursive grids. The Hungarian artist sold out the arts in one hour Auctioneers described the collection as an expansion of the Hungarian artist’s 2% d’ordre generative protocol, which explores the potential of grids…

    Article 2023年7月28日

  • Inferno Drainer: The new crypto and NFT nightmare – What or who is it?

    TL;DR Breakdown Scam Sniffer has found that some phishing attacks are linked to Inferno Drainer, a multi-chain scam vendor that charges 20% of the stolen assets.  So far, $5.9 million has been taken by analyzing data from different chains, with about 4,888 victims. Scams posing as services have become an increasing problem in the crypto community. In the ever-evolving landscape of cybercrime, a new threat has emerged, leaving individuals and businesses vulnerable to financial losses and privacy breaches – Inferno Drainer. The Inferno Drainer phishing scam, aptly named for its ability to drain victims’ resources, has recently come to the forefront of crypto evolution. This sophisticated “scam-as-a-service” operation has already pilfered an astonishing $5.9 million since March, underscoring the urgent need for increased vigilance and robust security measures. Inferno Drainer’s sophisticated phishing scam leaves millions vulnerable Operating behind a veil of anonymity, the Inferno Drainer has quickly gained notoriety within the dark web. The group behind this scam-as-a-service operation remains shrouded in mystery, employing advanced techniques to evade detection by law enforcement agencies and cybersecurity experts. According to the Web3…

    Article 2023年5月23日

  • Nansen under attack, 7% user data compromised – Here’s all you need to know

    TL;DR Breakdown Nansen, one of the most trusted crypto data providers, has suffered a security breach, one that could damage the crypto industry at great length.  An initial investigation revealed that 6.8% of the company’s user base had their email addresses compromised. Nansen is well-known for serving several Fortune 500 companies and other industry leaders. Description Nansen, the blockchain analytics platform widely trusted for its insights and data-driven solutions, has experienced a cybersecurity attack. The breach report sent shockwaves through the company’s user base.  The well-known crypto and blockchain analytics firm announced on the social networking platform X that one of its third-party vendors had a security compromise that affected 6.8% … Read more Nansen, the blockchain analytics platform widely trusted for its insights and data-driven solutions, has experienced a cybersecurity attack. The breach report sent shockwaves through the company’s user base.  The well-known crypto and blockchain analytics firm announced on the social networking platform X that one of its third-party vendors had a security compromise that affected 6.8% of its customers.  According to Nansen, the security breach provided hackers…

    Article 2023年9月23日

  • Coinbase revealed as the world’s largest known Bitcoin holder— here are their other holdings

    TL;DR Breakdown Cryptocurrency analysis firm Arkham identifies Coinbase as the world’s largest known Bitcoin holder, with about 1 million BTC valued at over $25 billion. Arkham’s proprietary algorithm also reveals Coinbase’s diverse cryptocurrency portfolio, including substantial holdings in ETH, LINK, USDC, BNB, and other tokens. Description Cryptocurrency analysis firm Arkham disclosed that it has identified the Bitcoin reserve wallets of Coinbase, one of the world’s leading cryptocurrency exchanges. According to Arkham, Coinbase owns approximately 1 million BTC, valued at over $25 billion. This makes Coinbase the world’s largest known Bitcoin holder.  The discovery was made possible through Arkham’s proprietary algorithm, which … Read more Cryptocurrency analysis firm Arkham disclosed that it has identified the Bitcoin reserve wallets of Coinbase, one of the world’s leading cryptocurrency exchanges. According to Arkham, Coinbase owns approximately 1 million BTC, valued at over $25 billion. This makes Coinbase the world’s largest known Bitcoin holder.  The discovery was made possible through Arkham’s proprietary algorithm, which tags addresses used by various cryptocurrency platforms and organizations. Arkham’s algorithm has tagged more than 36 million BTC deposit and holding…

    Article 2023年9月24日
TOP