SKYWARD rate plummets by 95% as a result of the Skyward Finance hack

What’s new? After an attack on Skyward Finance, a decentralized platform for launching projects on the NEAR blockchain, the rate of native token SKYWARD plummeted by 95,7% to $0,564509 (CoinGecko’s data as of November 3, 12:00 UTC). On November 2, hackers managed to withdraw about 1,1 million NEAR tokens worth $3 million as a result of the hack.

The @skywardfinance was just exploited for ~1.1M $NEAR Tokens (Worth ~3M) . 😢Thnx to @NearScout for noticing the treasury drain, he pinged me asking if something is wrong with skyward... then we looked into contract txns and found out about the exploit and sus txns.smol 🧵— SankΞt Ⓝ⚡️| sanketn81.near ,sanketn81.lens 🛸 (@sanket_naikwadi) November 2, 2022

What else is known about the incident? The first to write about the exploit was Aurora Lab’s community moderator Sanket Naikwadi, who learned it from a user under the pseudonym Nearscout, who drew attention to strange transactions on the platform.

According to Naikwadi, hackers used a scheme involving the redemption of SKYWARD tokens on the Ref Finance platform and further exchanging them for wrapped wNEAR tokens. In doing so, the hackers managed to receive double the reward for each transaction made.

The Skyward Finance team confirmed the hack, noting that the project’s treasury has been completely drained. The developers blocked smart contracts and recommended users withdraw tokens and no longer interact with the platform.

We regret to inform you that the Skyward Treasury has been drained through a contract exploit, rendering the Treasury and the $SKYWARD token effectively worthless. However, current and previous token sales are unaffected.🧵— Skyward Finance (@skywardfinance) November 2, 2022

The year 2022 has already set a record for the number of hacks of DeFi projects. In just one day in October, four exploits were recorded. The Mango platform lost $100 million worth of native tokens MNGO owned by investors. The hacker used the same tokens to artificially inflate their price and manipulate voting in the service’s DAO. On the same day, October 12, the exploit resulted in the withdrawal of $2,3 million from the project Temple DAO, as well as smaller amounts from the protocols ParaSwap and RabbySwap.

To find out why 2022 as a whole became a record year for hacking DeFi projects, check out GetBlock Magazine’s article.