Meter lost $4,4 million to DeFi bridge exploit
The theft of tokens caused a supply crisis on the Moonriver crypto exchange
08.02.2022 - 11:40
152
2 min
0
What’s new? The Meter Passport platform’s representatives have reported a loss of $4,4 million on Twitter because of the DeFi bridge exploit. A hacker took advantage of the vulnerability to steal tokens from the platform and then sold them on the Moonriver exchange at an undervalued price. This has led to a supply crisis.
1. Around 6am Pacific time we identified someone was able to leverage a vulnerability of the bridge to mint a large amount of BNB and WETH tokens and depleted the bridge reserve for BNB on WETH.— ⚡️Meter.io⚡️ (@Meter_IO) February 5, 2022
What are the details of the hack? The hackers used a feature on the Meter platform that automatically wraps and unwraps gas tokens such as ETH and BNB for user convenience. However, the contract did not block direct interaction of the wrapped ERC20 tokens for its own gas token and did not verify the correct number of wETH transferred from the callers’ addresses. The extended code had a “wrong trust assumption” that allowed hackers to fake BNB and ETH transfers by calling the underlying ERC20 deposit function.
How did the hacker cause a crisis on Moonriver? The attacker sold the stolen BNB tokens on the decentralized SushiSwap exchange at undervalued prices. This caused BNB prices on Hundred Finance’s Moonriver platform to plummet by 77%. The users then bought cheap tokens and used them to get ETH, FRAX, and MIM credits. However, because of the price discrepancy, their loans were worth more than the collateral, causing a supply crisis. Hundred Finance suffered a loss of $3,3 million.
The Meter team has pledged to reimburse its community and Hundred Finance for the losses incurred as a result of the hack.
Useful material?
Market
Tether Finance division will be responsible for the issuance and redemption of USDT stablecoins
Apr 18, 2024
Trends
The first project introduced on the platform will be BounceBit (BB)
Apr 18, 2024
Business
The rate exchange of the native ACH token reacted with a 10% increase
Apr 18, 2024
Market
Miners are hunting for the first block after halving as the value of the first satoshi could exceed $1 million
Apr 18, 2024
Market
The platform will be non-custodial and accessible to everyone
Apr 15, 2024
Market
China Asset Management, Harvest Global Investments, and Bosera Asset Management have received permits
Apr 15, 2024