DeFi Exploits Continue to Plague Industry as Saddle Finance Hack Sees $10M Stolen

Saddle Finance, a decentralized finance protocol, has suffered a $10 million hack, according to blockchain security and data analytics company PeckShield.

The exploit happened within a bunch of transactions and took advantage of the wrong MetaSwapUtils lib used to calculate the swap. The hacker initiated the exploit with 1 ETH withdrawn from Tornado Cash.

1/ @saddlefinance was exploited in a flurry of txs (https://t.co/jnFnZHMaO7 and https://t.co/RbpyXg7Sxw),
resulting in the protocol loss of >$10M.

— PeckShield Inc. (@peckshield) April 30, 2022

Out of the 3932.76 ETH stolen, the hacker has sent about 900 ETH into Tornado Cash. As of press time, there are around 2500ETH in the wallet.

BlockSec helped Saddle Finance recover some funds

Per available information, Saddle Finance could have lost more if smart contract auditing and blockchain security firm, BlockSec had not noticed the exploit. Using an internal system that uses flashbots to detect and front-run hacking incidents, the firm recovered $3.8 million.

@saddlefinance Please contact us (rescue@blocksecteam.com).

— BlockSec (@BlockSecTeam) April 30, 2022

BlockSec had initially notified Saddle Finance about the hack on Twitter. The firm later revealed that 

“The project was taken for around 4,900 ether ($13.8 million). Among them, 1,360 ether ($3.8 million) was rescued by us.”

Saddle Finance has since confirmed the incident on its Twitter handle. The decentralized automated market maker stated that it is investigating the exploit and has paused metapool withdrawals. 

The team is investigating a possible exploit and is pausing pool withdrawals

— Saddle (@saddlefinance) April 30, 2022

According to the team, “single-asset withdrawals are currently restricted, but balanced pool withdrawals are always possible.” The DEX also confirmed that it’s in contact with BlockSec to recover the $3.8 million.

While there are talks about how BlockSec was able to recover part of the funds, the bigger concern is the prevalence of theft in the crypto sector.

Crypto theft has taken various forms since the year started, with hackers using exploits and phishing to steal millions from platforms and directly from consumers. It’s difficult to determine the effect of this large-scale theft on the sector’s growth, but it’s not positive.

Just yesterday, we reported that Rari Capital and Fei protocols have lost around $90 million to exploits. With about $1.3 billion lost in the first quarter of this year, the rate of these thefts could lead to the loss of more than what was recorded in the space last year.

What do you think about this subject? Write to us and tell us!

The post DeFi Exploits Continue to Plague Industry as Saddle Finance Hack Sees $10M Stolen appeared first on BeInCrypto.

By

Leave a Reply

Your email address will not be published. Required fields are marked *