Bitcoin
Bitcoin (BTC)
$66,685.00 4.27455
Bitcoin price
Ethereum
Ethereum (ETH)
$3,503.44 2.11489
Ethereum price
BNB
BNB (BNB)
$592.54 3.56714
BNB price
Solana
Solana (SOL)
$168.98 6.11759
Solana price
XRP
XRP (XRP)
$0.5715540 0.28134
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000178 2.4296
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000127 8.78903
Pepe price
Bonk
Bonk (BONK)
$0.0000315 17.1784
Bonk price
Bitcoin
Bitcoin (BTC)
$66,685.00 4.27455
Bitcoin price
Ethereum
Ethereum (ETH)
$3,503.44 2.11489
Ethereum price
BNB
BNB (BNB)
$592.54 3.56714
BNB price
Solana
Solana (SOL)
$168.98 6.11759
Solana price
XRP
XRP (XRP)
$0.5715540 0.28134
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000178 2.4296
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000127 8.78903
Pepe price
Bonk
Bonk (BONK)
$0.0000315 17.1784
Bonk price
Bitcoin
Bitcoin (BTC)
$66,685.00 4.27455
Bitcoin price
Ethereum
Ethereum (ETH)
$3,503.44 2.11489
Ethereum price
BNB
BNB (BNB)
$592.54 3.56714
BNB price
Solana
Solana (SOL)
$168.98 6.11759
Solana price
XRP
XRP (XRP)
$0.5715540 0.28134
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000178 2.4296
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000127 8.78903
Pepe price
Bonk
Bonk (BONK)
$0.0000315 17.1784
Bonk price
Bitcoin
Bitcoin (BTC)
$66,685.00 4.27455
Bitcoin price
Ethereum
Ethereum (ETH)
$3,503.44 2.11489
Ethereum price
BNB
BNB (BNB)
$592.54 3.56714
BNB price
Solana
Solana (SOL)
$168.98 6.11759
Solana price
XRP
XRP (XRP)
$0.5715540 0.28134
XRP price
Shiba Inu
Shiba Inu (SHIB)
$0.0000178 2.4296
Shiba Inu price
Pepe
Pepe (PEPE)
$0.0000127 8.78903
Pepe price
Bonk
Bonk (BONK)
$0.0000315 17.1784
Bonk price

DeFi protocol Sturdy Finance falls victim to $800k security attack

defi-protocol-sturdy-finance-falls-victim-to-800k-security-attack
Edited by
News
DeFi protocol Sturdy Finance falls victim to $800k security attack

Decentralized lending platform Sturdy Finance has suffered a major security breach resulting in the loss of approximately $800,000 worth of ether (ETH).

The attack, executed by an unidentified individual, exploited a reentrancy vulnerability within the system, ultimately manipulating a faulty price oracle and siphoning funds.

The incident sheds light on the vulnerabilities inherent in decentralized finance (DeFi) applications, where price oracles serve as crucial components for providing real-world price data. However, they can also become prime targets for hackers aiming to exploit weaknesses and compromise platform security.

Sturdy Finance hit by security breach

A detailed analysis conducted by cybersecurity firm BlockSec traced the root cause of the breach to a reentrancy vulnerability present in Balancer’s system, combined with the manipulation of B-stETH-STABLE price data.

The attacker seized the opportunity to repeatedly call a function within a single transaction before completing the initial function call. Exploiting this loophole, they managed to withdraw more funds than they were legitimately entitled to. Once in control of the function calls, the attacker successfully manipulated the price oracle, effectively draining funds from Sturdy Finance.

Responding swiftly to the breach, Sturdy Finance immediately suspended all of its markets to prevent further potential losses. The platform’s team reassured users that no additional funds were at risk and that no immediate action was required on their part.

https://twitter.com/SturdyFinance/status/1668080627030315009

Further investigation revealed that the attacker employed the Tornado Cash mixer to obscure their activities. This privacy-enhancing tool added layer of complexity, making it challenging to trace the attacker’s transactions on the blockchain.

The security breach is a stark reminder of the constant threats DeFi platforms face. On June 4, Crypto wallet provider Atomic Wallet experienced a significant hack resulting in the theft of approximately $35 million worth of cryptocurrencies such as bitcoin, ether, tether, dogecoin, litecoin, BNB coin, and polygon.

As the crypto industry continues to evolve, it becomes increasingly vital for protocols to prioritize security measures and undertake comprehensive audits to identify and address vulnerabilities before malicious actors exploit them.