The DeFi space in late October of 2020 has been somewhat shaken by the news of a Hacker stealing $24 million worth of Harvest Finance funds. The attack has been made possible by the design and implementation issues within Harvest Finance which in combination with an arbitrage strategy has resulted in exploitation of $24 million of the cryptocurrency being stolen. 

• One of the early reports has speculated on a very clever arbitrage strategy which would've resulted in the funds getting drained from Harvest Finance. The strategy would've seen the attacker rinse repeat strategy of acquiring flash loan worth of $50 million, arbitraging through several markets to gain $0.5 million profit per repeat.

• After other community members have started putting more effort into their investigation along with looking at the source code of the Harvest Finance protocol there were more signs that there is something more sinister happening. The latter speculations have started highlighting a potential bug within the implementation of a grey list in regards to the Deposits, along with a loose design of the arbitrage check function.

• With the problem being at the forefront of the cryptocurrency news the Harvest Finance official twitter handle has admitted to an engineering mistake which would've resulted in thousands of people losing their funds.

• Somewhat surprisingly the attacker has chosen to transfer back 10% of the stolen funds upon which Harvest Finance has communicated that the funds would be distributed to the victims on a pro-rata basis.

Related Reading

• New Chromium Zero-Day bug under exploitation in the wild
• Ledger phishing emails
• Cyber Threat On The Rise
• Surfing the net a bit more securely
• Monero's Oxygen Orion Upgrade Successful
• The long awaited launch of Filecoin is finally here
• Grants for d(apps) to be built on top of Raiden Network (L2)

Ongoing crypto free earn campaigns:

• Coinbase Learn & Earn up to $50 of EOS
• Brave Rewards in privacy respecting web browser