Hacker destroyed $1 million in stolen cryptocurrency

An attacker attacked the Zeed DeFi protocol but did not withdraw funds from an “attack” smart contract

22.04.2022 - 10:45

197

2 min

What’s new? A hacker attacked the Zeed DeFi protocol and withdrew $1,04 million in BSC-USD Binance-Peg (BUSDT) tokens, according to cybersecurity firm BlockSec. However, the attacker did not transfer the funds from an “attack” smart contract, which was set to self-destruct. All the stolen cryptocurrency was destroyed before the hack was even detected.

Source: Twitter.com

Details of the hack. The hacker exploited a vulnerability in the reward distribution protocol, allowing him to issue additional tokens. The attacker then sold them, collapsing the price of the native token of Zeed (YEED) to zero, and earned more than $1 million.

Source: Twitter.com

Analytics firm PeckShield noted that the stolen cryptocurrency was transferred to an “attack contract,” a smart contract that automatically executes an exploit. However, the hacker did not withdraw the funds from the address before setting it to self-destruct, and the coins were permanently stuck in the contract. On April 21, at 7:15 UTC the contract was destroyed.

Source: Twitter.com

What had happened before? On April 17, Beanstalk Farms, a DeFi-protocol, was hacked, causing the platform to lose $80 million. Following the hacker attack, the network’s native token collapsed by 86%. The developers of the MetaMask crypto wallet also warned of possible phishing attacks on Apple iCloud. They advised disabling data backup for their app.

Author: