This Week’s Big Crypto Hack: Record Address Poisoning Attack

29th April to 4th May 2024

This week has been particularly eventful in the crypto world, marked by significant hacks that have been felt throughout the community. From Pike Finance’s second breach in just a few days to a trader’s unfortunate loss due to a phishing scam, the landscape of crypto security has once again come into focus.

There’s still a lot to be learned from an unfortunate situation. Here’s what went down.

A Detailed Recap

1. Pike Finance Suffers Double Attack

Pike Finance, a notable DeFi lending platform, faced its second exploit within a short span of three days, resulting in a substantial loss of $1.68 million across Ethereum, Arbitrum, and Optimism networks.

The attacker exploited critical flaws in Pike Finance’s smart contracts, gaining control over the protocol’s output address. This orchestrated move led to the transfer of $1.4 million worth of ETH, $150 thousand of OP, and over $100 thousand of ARB.

Interestingly, this incident occurred shortly after another breach on April 26th, where Pike Finance lost $300,000, indicating vulnerabilities in its security measures.

2. Yield Protocol: Vulnerable and Exploited!

In a cautionary tale, the defunct DeFi lending platform, Yield Protocol, fell victim to hackers who exploited vulnerabilities on the Arbitrum blockchain. Despite going offline in December 2023, Yield Protocol suffered a theft of approximately $181,000 in crypto assets due to manipulations within its smart contracts.

Investigations revealed that the attacker exploited anomalies in pool tokens using flash loan assets, highlighting the importance of robust security measures. Unfortunately, attempts to recover the stolen assets were futile as support for Yield Protocol had ceased months prior.

3. A Costly Mistake

More complex is a case when this crypto user mistakenly sent his 1,155 WBTC Wrapped Bitcoin to a bad actor’s wallet losing $68 million. His wallet was drained of over 97% of its total assets. The rest of its contents have since been removed, leaving them with just $13.56 worth of ETH. 

The vulnerability was based on imitating an ETH transfer of 0.05 ETH and causing the victim to send a large number of WBTCs instead. The transfer history of the victim was breached and the victim was made to send the money to the address belonging to the real exploiter who presented his address as legitimate. 

This method of address poisoning confirmed by reputable blockchain security firms such as CertiK, proves how seriously cryptocurrency owners should safeguard their transactions from sophisticated phishing attacks.

Also Check Out: Attacker Steals $71 Million in an Extremely Sophisticated Phishing Attack That Fooled the Investor

These examples should serve as a wake-up call to all crypto users, regardless of experience. As technology evolves, so do the tactics of those seeking to exploit it. By staying informed about the latest threats, implementing robust security measures, and exercising skepticism, users can navigate the crypto markets with ease.

Related posts

VeChain Price Records New Yearly High! What’s Next For VET Price This Week?

EdaFace Admin

Bitcoin and Ethereum: Potential Election Bribery Instruments, Warns Taiwan’s Ministry of Justice

EdaFace Admin

BitMEX Founder Predicts Altcoin Explosion, Reveals He’s the Biggest Holder of This Cryptocurrency

EdaFace Admin

Leave a Comment

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More