A recent vulnerability in the Bedrock DeFi smart contract led to the loss of approximately $1.7 million, adding to the growing list of crypto exploits in 2024.
The issue stemmed from a flaw in the contract’s mint function, which mistakenly cast staked Ethereum (ETH) into the same quantity of uniBTC, without factoring in the price discrepancy between the two assets. This oversight provided a window for the attacker to drain funds.
A security exploit of @Bedrock_DeFi contract resulted in a loss of approximately $1.7 million.
The root cause of the attack is that the mint function in the project will cast the staked ETH into the same number of uniBTC. The price difference is not taken into account. pic.twitter.com/1F1mmK1xIO
— Beosin Alert (@BeosinAlert) September 27, 2024
The exploit was executed by a hacker using the address 0x2bFB373017349820dda2Da8230E6b66739BE9F96. Following the attack, the stolen funds were quickly swapped into Ethereum and are now stored at the address 0xEE800b1b63893Ca1E1b0FA8fEfDc10fAc9B980f7.
This event comes as the crypto industry faces a sharp rise in hacking incidents. In 2024 alone, hackers have stolen $2.1 billion across various platforms. Centralized finance (CeFi) platforms have been hit especially hard, experiencing a staggering 984% increase in successful attacks compared to last year—and the year isn’t over yet.
Crypto hacks in 2024 have surged to $2.1B, with CeFi platforms seeing a 984% increase year-over-year, and the year isn’t over yet.
Read more about these alarming stats on @Cointelegraph and learn how to protect your assets. https://t.co/IlTQcCdHDE
As Web3 expands,…
— Cyvers Alerts (@CyversAlerts) September 27, 2024
Trader Loses Over $32 Million Through Phishing Scam
In a separate incident, one victim lost an astounding 12,083.6 spWETH (worth around $32.33 million) after falling for a phishing scam. According to Arkham, the wallet involved may be linked to DiscusFish (@bitfish1), a prominent figure in the crypto space.
Someone lost 12,083.6 $spWETH(worth $32.33M)! due to a phishing attack!
According to Arkham, the wallet may be related to DiscusFish(@bitfish1).
To avoid being phished, please do not click on any unknown links and do not sign any unknown signatures.
Always double-check when… pic.twitter.com/LSLMDeNQzb
— Lookonchain (@lookonchain) September 28, 2024
To stay safe in this increasingly risky environment, users are urged to avoid clicking on unfamiliar links and never sign any unknown transactions without thorough verification. Double-checking all interactions can help protect against phishing attempts and safeguard your assets.
Disclosure: This is not trading or investment advice. Always do your research before buying any cryptocurrency or investing in any services.
Follow us on Twitter @nulltxnews to stay updated with the latest Crypto, NFT, AI, Cybersecurity, Distributed Computing, and Metaverse news!