No Result
English
No Result
English
No Result
English

Keyword

Defi Sovryn Bitcoin protocol hacked with over $1 million

06-10-2022 10:00 am

Minh Trang

Advertisement

A criminal went on the run with over 44 RBTC using price manipulation techniques in a Sovryn lending group.

Sovryn – a decentralized finance protocol based on Bitcoin – had more than $1 million in withdrawals on October 4 through price manipulation. The attack allowed the perpetrator to withdraw more than $1 million in cryptocurrencies from the protocol, including 44.93 RBTC and 211,045 USDT.

Sovryn gets hacked for the first time

According to Sovryn’s blog post on the subject, the attacks specifically target the Sovryn protocol – Borrow/Lend. It affected the RBTC and USDT lending pools .

RBTC and USDT are crypto assets to Bitcoin and US dollar respectively. These coins circulate on Rootstock (RSK), a Bitcoin Sidechain for scaling Bitcoin smart contracts , dapps, and scalability. Sovryn is a Defi protocol built on top of RSK.

Sovryn bi hack
Sovryn was hacked for the first time

The amount was withdrawn using Sovryn’s AMM swap functionFundraising efforts are still ongoing.

“Due to the multi-layered security approach taken, developers can identify and withdraw funds when an attacker is trying to withdraw. At this point, through a combined effort, the developers have managed to recover about half the value of the attack.”

Sovryn spokesman Edan Yago said it was the first successful attack against the protocol in two years of operation. He claims that Sovryn is “one of the most heavily audited Defi systems,” with bonuses for finding bugs in the system.

The attack by manipulating the price of Sovryn’s iToken – an interest-bearing token that represents the cryptocurrency held by users in the lending pool. The price of this token is updated every time the position of the lending pool changes.

How hackers attack the system

First, the attacker bought WRBTC (wrapped RBTC) using a quick swap in RskSwap. He then borrowed more WRBTC from Sovryn’s loan agreement using his own XUSD (another stablecoin) as collateral.

“The attacker then provided liquidity to the RBTC loan contract, closed their loan with a swap using their XUSD collateral, redeemed (burned) their iRBTC tokens, and send WRBTC back to RskSwap to complete fast swap.”

The whole process manipulated the iToken price so that an attacker could withdraw more RBTC from the lending pool than it did on the first deposit.

Hackers
How hackers attacked the system

Sovryn clarified that user funds were not affected by the hack. Any value missing from the lending pools will be added by Exchequer – Sovryn treasury.

>>> Related: Transit Swap “hacker” returns 70% of $23 million stolen

Rate this post

Related Posts:

SA n BingX lA gA¬ HAE°a›ng daon sa­ da¥ng sA n BingX crypto chi tiao¿t nhao¥t The Ecoinomic

What is BingX? Guide to sign up for BingX

05-01-2023

More >
Pax Gold The Ecoinomic

Paxos takes back $20 million PAXG from FTX hack

27-12-2022

Twitter users data is on sale black market The Ecoinomic

400 million Twitter user data for sale on the black market?

27-12-2022

No Result

© 2022 Ecoinomic.io