A Hacker Just Stole $500,000 of BTC and ETH from Balancer!

By FarewelltoMinds | Farewell2Minds | 30 Jun 2020

Knowledge pays. Take a look at the latest hack of Balancer, a defi exchange which bases itself on user created exchange pools.

The hacker used a loan of some $23 million in ETH (wait, who the fuck loans that much ETH and how and why? I’ve got a hundred questions already) from dYdX. They then proceeded to exploit balancer based on a bug around deflationary tokens.

They targeted a pool for STA and WETH. STA, a deflationary token, was reduced to a tiny fraction of an amount. With the amount of STA being just a fraction (0.000000000000000001 STA). STA has a 1% transfer fee, with functions of  transfer() and transferFrom() in its code. So trading it all against WETH resulted in an increasingly less amount of STA each time. The result was the tiny fraction of STA.

They could then proceed to trade that amount against other sums. But, that 1% transfer fee remained. But there was no more STA. So instead, the fee drained pools of WETH instead, into the attacker’s wallet. They repeated this for BTC and LINK and others.

This wasn’t even the last of it! After repaying the loan and running with their funds (swapped for a fraction of an amount of STA), they then went to Uniswap and made even more money.

The attacker clearly had a high-level knowledge of solidity and smart contracts. It’s obvious they are an engineer, and they’re $500,000 richer because of it.

As reported by 1INCH, the hacker made off with:

  • 455 WETH ($100k worth)
  • 2.4m STA ($100k worth) and converted it to 109 WETH ($25k worth)
  • 11.36 WBTC ($100k worth)
  • 60.9k SNX ($100k worth)
  • 22.6k LINK ($100k worth)

Lesson here? New defi beta protocols are dangerous. Balancer didn’t do its homework. The attacker did.

So do your homework, kids!

 

Resources

  1. https://medium.com/@1inch.exchange/balancer-hack-2020-a8f7131c980e
  2. https://www.theblockcrypto.com/linked/69785/balancer-pools-drained-of-more-than-450000-due-to-an-exploit-connected-to-deflationary-tokens
Cryptocurrency Bitcoin (BTC) Crypto News ETH Balancer (BAL)

How do you rate this article?

4
FarewelltoMinds
FarewelltoMinds

Trying my best to stay rational in an irrational world.

Farewell2Minds
Farewell2Minds

Crypto news, unheard of alt coins, investments as gamblings and self-hating decentralized financial musings

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.
Solana Pulls Back From the High — Can Buyers Defend $155? Solana Pulls Back From the High — Can Buyers Defend $155?
AdamNovocaine

AdamNovocaine

1 hour ago
1 minute read

Darknet Marketplace Abacus Market Vanishes Darknet Marketplace Abacus Market Vanishes
cryptogod-1

cryptogod-1

11 hours ago
2 minute read

What is the "hidden" stock that soared 800% in just one month? What is the "hidden" stock that soared 800% in just one month?
Albertocrypto

Albertocrypto

9 hours ago
1 minute read