Agave and Hundred Finance were attacked yesterday
AGVE, the non-custodial money market and lending protocol Agave’s token, fell more than 20% on Tuesday after the firm announced it is investigating an exploit that made the protocol lose over $11 million.
“Agave is currently investigating an exploit on the agave finance protocol. We will update you as soon as we know more,” the DAO said. “Contracts have been paused until we figure out how to resolve the situation.”
Another DeFi lending protocol, Hundred Finance, was also attacked on Tuesday. “Unfortunately Hundred and Agave have both been exploited on Gnosis chain today,” the project team wrote. “Gnosis team is aware, investigation is ongoing. All the Hundred markets on all chains paused for now.”
“The underlying reason for the hack is that the official bridged tokens on Gnosis are non-standard and have a hook that calls the token receiver on every transfer. This enables reentrancy attacks,” according to blockchain security researcher Mudit Gupta.
“The attacker basically deposited like $2m as collateral and borrowed upto ~$1.5m of all other assets by exploiting reentrancy. They borrowed $1.5m of the first asset and before the system recorded their debt, they reentered and borrowed $1.5m of the second asset as well,” he indicated the method of the hacker.
According to on-chain analysis, the attacker’s address sent over 2,100 ETH to a crypto mixer, valued at over $5.5 million, in an attempt to launder the stolen tokens.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join CoinCu Telegram to keep track of news: https://t.me/coincunews
he indicated the method of the hacker. he indicated the method of the hacker. he indicated the method of the hacker. he indicated the method of the hacker. he indicated the method