Decentralized exchange WOOFi lost $8 million in an exploit
The project’s team offered the hacker a reward of 10% of the stolen amount for returning the rest of the funds
![Decentralized exchange WOOFi lost $8 million in an exploit](https://storage.getblock.net/source/1/XU1_EGfTKcbH4SYxLOF-vL1NkC2vAlUd.webp)
06.03.2024 - 08:05
131
3 min
0
What’s new? Decentralized crypto exchange (DEX) WOOFi has lost $8 million as a result of an exploit. According to experts at blockchain audit firm PeckShield, a hacker manipulated the price of the WOO token to empty the WooPPPV2 pool contract. As a result, he transferred around 2000 ETH coins to a controlled address. Due to the incident, the project’s team suspended the contract and urged users to revoke permissions to interact with it to avoid losing funds.
What else is known? WOOFi explained that one of the exchange oracles on the Arbitrum network was exposed to an instant loan/flashloan exploit. This allowed the hacker to manipulate the WOO price and repay the flashloan at a lower price. As a result, the asset’s exchange rate momentarily collapsed by 19% to $0,481, but had partially recovered to $0,5389 by the time of writing.
As part of a decentralized financial system, the flashloan feature allows borrowing assets without collateral, provided they are repaid within a single block of transactions. However, the vulnerabilities of this mechanism allow market prices to be manipulated. For example, by borrowing large amounts of funds, an attacker can artificially create market conditions that allow them to capitalize on price discrepancies before the loan is repaid.
The WOOFi team said that pool-related contracts have been suspended and users’ assets in other WOO contracts as well as Earn vaults and WOOFi stake services are safe.
The developers intend to restore full exchange functionality within the next two weeks, “This is the first time an incident like this has happened to us, and we want to make sure it doesn't happen again.”
They have already contacted the hacker and offered him 10% of the stolen amount in exchange for returning the rest of the funds. Arkham Intelligence, an analytics platform, has also set up a reward for users who can provide information about the hacker’s wallets.
In February, one of the wallets of the Serenity Shield blockchain storage platform team was hacked. $5,66 million worth of SERSH native tokens were withdrawn from it, causing the asset’s exchange rate to collapse by 99%.
![Crypto gaming platform PlayDapp loses $290 million in a hack](https://storage.getblock.net/source/1/uYI1J9cvh_NM8gEfsnsUU3uqlxixf4Uf.png)
Crypto gaming platform PlayDapp loses $290 million in a hack
Experts speculate that this was the result of a compromised private key
DEX FixedFloat previously lost $26 million in bitcoin and Ethereum.
Useful material?
Market
Australia’s largest financial institutions have refused to process payments to digital asset trading platforms due to the risk of fraud
Jul 26, 2024
Politics
According to the politician, the value of the country’s bitcoin reserves should equal the value of gold reserves
Jul 26, 2024
Mining
The capacity of the Bitaxe device used by the network participant is only 500 Gh/s
Jul 25, 2024
Trends
Meanwhile, Trump-inspired assets have not shown significant growth
Jul 22, 2024
Market
The fee will be as much as 2,5% compared to 0,25-0,19% for competitors
Jul 18, 2024
Market
This is the third consecutive month of decline
Jul 18, 2024