DeFi Application Affected After Losing $500k Worth Of WETH | UseTheBitcoin
Hacker looking at Bitcoin code

DeFi Application Affected After Losing $500k Worth of WETH

Avatar · in Breaking, Crypto News
Carlos is an international relations' analyst specializing in cryptocurrencies and blockchain technology. Since 2017, Carlos has written extensively for UseTheBitcoin and other leading cryptocurrency sites; with over 2,000 articles published.

The Decentralized Finance (DeFI) market has been affected by a new hack in which an attacker was able to take $500,000 worth of WETH from Balancer Labs, a DeFi protocol that is offering crypto-solutions to users. This is according to Steven Zheng, a recognized crypto researcher. 

DeFi Protocol Losses $500,000

Despite the fact that the Decentralized Finance market has been expanding all over the world in the last years, it continues to have many flaws that could end up affecting users financially. This time, Balancer Labs was was affected by a hack in which they lost $500,000 worth of WETH tokens. 

While at the beginning users thought it was just a problem related to the balances, it ended up being a real issue with the funds’ users were holding. According to the decentralized exchange 1inch, two multi-token pools were drained for more than $500.000. The attack took place using a vulnerability in context fo AMM and a token that was using a deflationary model. 

In order to continue with the attack, the hacker was able to send a complex transaction to the Ethereum mainnet that has then attacked one of the Balancer Pools. 

First, the attacker got $104 WETH as a flash loan from dYdX, funds that were later swapped between WETH and STA. This action was performed 24 times, draining STA balance from the pool. 

“[The] Balancer Pool contract keeps track of token balances in the contract and STA token had a deflationary model with transfer fee of 1% charged from a recipient, thus, resulted in transfer () and transferFrom() misbehaviour,” explained 1inch. 

In this way, the attacker was able to drain 1% of STA from the Balancer Pool every single time a new swap between WETH and STA was performed. Furthermore, the attacker used 1 weiSTA to swap it to WETH many times. Due to the token implementation of the fee,s the pool was never able to receive STA but it was yet releasing WETH. 

Finally, there was a rapid FlashLoan of 104,000 WTH to dYdX increasing the share in Balance Pool. The funds were then swapped136k STA using Uniswap V2 and continued with the transfers between digital assets and wallets. 

The Decentralized Finance market is expanding and attracting a large number of users. However, there are still some flaws and issues that must be solved before DeFi becomes widely used around the world. 

Build a winning crypto portfolio
Free report teaches how to structure your crypto portfolio, so you can maximize gains and minimize losses.