Decentralized exchange WOOFi lost $8 million in an exploit
The project’s team offered the hacker a reward of 10% of the stolen amount for returning the rest of the funds
06.03.2024 - 08:05
169
3 min
0
What’s new? Decentralized crypto exchange (DEX) WOOFi has lost $8 million as a result of an exploit. According to experts at blockchain audit firm PeckShield, a hacker manipulated the price of the WOO token to empty the WooPPPV2 pool contract. As a result, he transferred around 2000 ETH coins to a controlled address. Due to the incident, the project’s team suspended the contract and urged users to revoke permissions to interact with it to avoid losing funds.
What else is known? WOOFi explained that one of the exchange oracles on the Arbitrum network was exposed to an instant loan/flashloan exploit. This allowed the hacker to manipulate the WOO price and repay the flashloan at a lower price. As a result, the asset’s exchange rate momentarily collapsed by 19% to $0,481, but had partially recovered to $0,5389 by the time of writing.
As part of a decentralized financial system, the flashloan feature allows borrowing assets without collateral, provided they are repaid within a single block of transactions. However, the vulnerabilities of this mechanism allow market prices to be manipulated. For example, by borrowing large amounts of funds, an attacker can artificially create market conditions that allow them to capitalize on price discrepancies before the loan is repaid.
The WOOFi team said that pool-related contracts have been suspended and users’ assets in other WOO contracts as well as Earn vaults and WOOFi stake services are safe.
The developers intend to restore full exchange functionality within the next two weeks, “This is the first time an incident like this has happened to us, and we want to make sure it doesn't happen again.”
They have already contacted the hacker and offered him 10% of the stolen amount in exchange for returning the rest of the funds. Arkham Intelligence, an analytics platform, has also set up a reward for users who can provide information about the hacker’s wallets.
In February, one of the wallets of the Serenity Shield blockchain storage platform team was hacked. $5,66 million worth of SERSH native tokens were withdrawn from it, causing the asset’s exchange rate to collapse by 99%.
Crypto gaming platform PlayDapp loses $290 million in a hack
Experts speculate that this was the result of a compromised private key
DEX FixedFloat previously lost $26 million in bitcoin and Ethereum.
Useful material?
Telegram 
Twitter Technologies
Network fees will be integrated into the cost of swaps
Nov 22, 2024
Market
The company’s unrealized profits from investing in its first cryptocurrency approached $14 billion
Nov 19, 2024
Incidents
The search, the reason for which was not announced, took place a week after the election, the results of which Polymarket users predicted quite accurately
Nov 14, 2024
Market
Analysts point to the growing popularity of the first cryptocurrency as a safe haven asset
Nov 13, 2024
Market
The product will begin trading on the Swiss Exchange on November 19
Nov 12, 2024
Market
The company’s unrealized profits from investing in the first cryptocurrency approached $13 billion
Nov 12, 2024
Cryptocurrency rates
-
Bitcoin
$97 902
BTC
-0.4%
-
Ethereum
$3 366.22
ETH
-1.83%
-
BNB Smart Chain
$579.4
BSC
+1.23%
-
Ripple
$1.4
XRP
-5.18%
-
Dogecoin
$0.422674
DOGE
-4.37%
-
Cardano
$1.01
ADA
-6.31%
-
Stellar XLM
$0.513777
XLM
-14.4%
-
Polkadot
$8.68
DOT
-7.47%
-
Bitcoin Cash
$510.07
BCH
-1.81%
-
Litecoin
$96.49
LTC
-5.41%