On April 18 and 19, hackers stole more than $25 million in cryptocurrency from Uniswap and Lendf.me. Lendf.me is a decentralized lending platform, while Uniswap is a cryptocurrency trading platform.
According to investigators, the hackers performed a “reentrancy attack.”
A reentrancy attack permits hackers to retrieve coins repeatedly before the original transaction is approved or declined.
Hackers hit Lendf.Me hard by stealing 99% of tokens. Lendf.Me was using the DeFi stack (an integrated & interoperable open finance protocol supported by the dForce Foundation).
Uniswap, on the other hand, was using the Lendf.me protocol as well as imBTC. Uniswap is expected to have lost between $300K and $1.1 million in imBTC tokens.
How Hackers Stole The Tokens
According to Tokenlon, the first attack started on Friday night and targeted Uniswap, using an exploit against ERC777 (an underlying technology of the Ethereum blockchain meant to support smart contracts) to perform a “reentrancy attack”.
In an initial response, Tokenlon suspended the transfer of imBTC and reported the potential security breach.
April 18, 5 PM (SGT) – Tokenlon resumed transfers after receiving a confirmation from Lendf.Me and other partners.
April 19, 09:28 (SGT) – Lendf.me warned Tokenlon about a reentrancy attack that resulted in abnormal borrowing on the platform in large amounts.
April 19, 10:12 (SGT) – Tokenlon suspended imBTC transfers and an investigation started.
Tokenlon informed users about the hack in a tweet.
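The ordering defect behind a reentrancy attack, modelled in Python as an added example (it is not code from Lendf.Me, Uniswap or Tokenlon). The names Pool, ReenteringAccount, on_receive and run are hypothetical, and the recipient hook stands in for the callback an ERC777-style token transfer makes; the same withdrawal runs once with the payout before the balance update and once with the balance update first plus a guard.

```python
# Toy model, constructed for illustration: the pool pays out via a transfer that calls a recipient hook.
class Pool:
    def __init__(self, reserves, safe):
        self.reserves = reserves      # tokens held by the pool
        self.credit = {}              # per-account deposited balance
        self.safe = safe              # True: update state before the external call
        self.locked = False           # reentrancy guard, used only in safe mode

    def deposit(self, account, amount):
        self.credit[account] = self.credit.get(account, 0) + amount
        self.reserves += amount

    def _send(self, account, amount):
        self.reserves -= amount
        account.on_receive(self, amount)   # external call: control leaves the pool

    def withdraw(self, account, amount):
        if self.safe and self.locked:
            raise RuntimeError("reentrant call rejected")
        if self.credit.get(account, 0) < amount or self.reserves < amount:
            raise ValueError("insufficient balance")
        if self.safe:
            self.locked = True
            try:
                self.credit[account] -= amount   # effect first
                self._send(account, amount)      # interaction last
            finally:
                self.locked = False
        else:
            self._send(account, amount)          # interaction first
            self.credit[account] -= amount       # too late: the check already passed

class ReenteringAccount:
    """Recipient whose hook calls withdraw again while the first call is still open."""
    def __init__(self):
        self.received = 0
    def on_receive(self, pool, amount):
        self.received += amount
        try:
            pool.withdraw(self, amount)
        except (ValueError, RuntimeError):
            pass   # stops once the pool refuses

def run(safe):
    pool = Pool(reserves=90, safe=safe)   # 90 tokens belong to other depositors
    acct = ReenteringAccount()
    pool.deposit(acct, 10)
    pool.withdraw(acct, 10)
    return acct.received, pool.reserves
```

With the payout first, a 10-token deposit is paid out until the pool's reserves are exhausted; with the balance debited first, the nested call is rejected and only the deposit comes back.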
Deal with the Devil Begins
According to CryptoSlate, dForce’s administrator started negotiations with the hackers by sharing their email address, since messages can be sent in Ethereum transactions.
Some other users also sent messages asking for the money to be returned.
The details of the negotiations are not public, but it seems that the hacker will be provided legal safety along with some portion of the funds.
DeFi Became Hackers’ First Love
This is not the first attack. DeFi has been attacked many times in the last three months due to a lack of standard security measures.
Camila Russo, a crypto journalist, recently tweeted about the series of hacks that happened on DeFi platforms.
Both websites’ operations have been suspended. Tokenlon has also blocked all new transactions to prevent any further attacks against other platforms.