Hacker rút $2,1M từ Onyx trong lần khai thác DeFi mới nhất

The decentralized finance protocol Onyx just suffered a security attack, causing a loss of more than $2.1 million.

attacker Withdrawn According to analysts at security firm BlockSec, the company ran out of money by exploiting a specific vulnerability in Onyx’s source code, known as “strange precision loss.” Specifically, the attack is performed using an integer rounding problem and is powered by flash loans.

“The attacker borrowed a large amount of ETH and exchanged it for PEPE, and then donate them to a specific pool to adjust the exchange rate. Then, because the precise odd number is lost, the attacker is able to extract more of the underlying asset by burning fewer shares,” explained Matthew Jiang, Director of Security Services at BlockSec.

Chiang noted that this attack was similar to the one mentioned above Baijia Finance last year.

The vulnerability stems from a previously cloned version of Compound V2, which Onyx uses in its underlying architecture.

The attacker has now sent 700 ETH ($1.25 million) to the cryptocurrency mixing service Tornado Cash, Data on the chain show.

information Bitcoin Synthetic