Get 40% Off
🚀 Our AI Picked 6 Stocks that Jumped +25% in Q1. Which Picks Will Soar in Q2?Unlock full list

DFX Finance Hacked for $4M – Attacker Moves Funds Through Tornado Cash

Published 11/11/2022, 11:30 AM
Updated 11/11/2022, 01:00 PM
DFX Finance Hacked for $4M – Attacker Moves Funds Through Tornado Cash

  • A hacker has stolen approximately 3,000 ETH, worth around $4 million USD, from DFX Finance’s Polygon liquidity pools.
  • An MEV bot extracted a large sum of stolen funds.
  • The decentralized exchange is set to shut down its liquidity pools on Polygon.
  • The value of DFX crashed 34% following the news.

Stablecoin-focused decentralized exchange DFX Finance (DFX) suffered an attack on Friday, November 11th, resulting in the loss of $4 million in stolen funds.

PeckShield, a blockchain security firm, tweeted early on Friday morning that a hacker had managed to siphon an approximate 3,000 ETH, worth around $4 million USD at the time of writing, due to a “lack of proper reentrancy protection”.

DFX Finance confirmed the hack, stating that it was notified of suspicious activity within 20-30 minutes of the initial transaction, and swiftly executed “a pause on all DFX contracts within a few minutes after confirming the attack”.

The price of the exchange’s native token, DFX, plummeted as the news came to light. The token is currently trading at $0.17 at the time of writing, representing a 34% deficit ove the last 24 hours, and a 99% drop from its all-time high of $24.87, according to data from CoinGecko.

DFX Finance claims that the hacker moved the illicit funds through Tornado Cash, an Ethereum-based mixer that was sanctioned by the U.S. government earlier this year. The exchange also revealed that an MEV bot was able to intercept and extract a large sum of the stolen funds, and has asked that the owner of the bot get in touch with them.

The exchange further noted that Polygon contracts have proven particularly susceptible to such attacks, and announced its intention to shut down its related pools. DFX will reportedly enable a temporary withdraw-only mode while it asks Polygon LP holders to withdraw their funds.

DFX Finance focuses primarily on stablecoin trading. The platform offers liquidity mining and other features with non-U.S. stablecoins such as the Canadian dollar-pegged CADC, the eeuro-based EURS, and the Singapore dollar-pegged XSGD.

The decentralized exchange has strong backing, with investment from industry giants like Polychain Capital, Hex Capital, and CMS Holdings, among others.

2022 has proven to be a rough year for the project, which held a role in the Coinbase (NASDAQ:COIN) insider trading controversy, before subsequently being deemed a security by the U.S. Securities and Exchange Commission (SEC).

The attack on DFX Finance is just one of many to have occured over the last couple of months. In October, Mango Markets, a Solana-based decentralized exchange, saw $114 million stolen from its reserves, while TempleDAO, a yield-farming DeFi protocol built on Ethereum, lost $2.4 million, and Binance was drained off $100 million. Bitkeep, a multichain crypto wallet, also lost $1 million to hackers in what has since become the worst month of exploits in crypto history.

Chainalysis, a blockchain research platform, estimates that hackers stole more than $718 million in the first two weeks of October alone.

On the Flipside

  • While unlikely, it’s possible that the hacker will return at least a portion of the stolen funds.
  • The owner of the MEV bot may yet return some of the intercepted funds.

Why You Should Care

Attacks on decentralized exchanges have shown no signs of stopping this year. As always, users should do their due diligence to determine which platforms and exchanges are trustworthy enough, and offer high enough standards of security to hold their funds on.

You Might Also Like:

Deribit Hackers Move Stolen ETH to Blacklisted Mixing Service, Tornado Cash

See original on DailyCoin

Latest comments

Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.
© 2007-2024 - Fusion Media Limited. All Rights Reserved.