Image default
CryptoNewsDeFiFeaturedNews

Onyx Protocol Loses $2.1 Million in a Rounding Exploit

Onyx Protocol, a decentralized finance (DeFi) platform that allows users to earn interest on their crypto assets, was hacked on November 1, 2023. The attacker exploited a rounding issue in the protocol’s code and drained over $2.1 million worth of Ethereum (ETH) and PEPE tokens.

According to BlockSec, a security firm that analyzed the incident, the attacker used a flash loan of a large amount of ETH to manipulate the exchange rate of PEPE, a meme token that is part of Onyx’s ecosystem. The attacker then swapped the PEPE tokens for ETH at an inflated rate, resulting in a profit of more than $2.1 million.

The exploit was possible due to a “precision loss” vulnerability in Onyx’s codebase, which originated from an older forked version of Compound V2, a popular DeFi lending protocol. The vulnerability allowed the attacker to withdraw more ETH than they should have by burning fewer shares of the pool.

Onyx is the Latest DeFi Protocol to Fall Victim to an Exploit 

Onyx Protocol Loses $2.1 Million in a Rounding Exploit

The attacker has since sent 700 ETH ($1.25 million) to Tornado Cash, a service that provides anonymity for Ethereum transactions. The remaining funds are still in the attacker’s wallet.

Onyx Protocol has not issued any official statement on the exploit yet. The protocol’s website and Twitter account are currently offline. The protocol’s users are advised to withdraw their funds as soon as possible.

This is not the first time that a DeFi protocol has been exploited due to a rounding issue. In December 2022, Hundred Finance, another DeFi lending platform, lost $1.3 million in a similar attack.

The incident highlights the need for more rigorous security audits and testing for DeFi protocols, especially those that fork or copy code from other projects. DeFi users should also exercise caution and do their own research before investing in any new or unverified protocol.

Related posts

Mysterious 3 Trillion Shiba Inu (SHIB) Transfer Sparks Market Speculation

jose

Towns: The New Blockchain Messaging Platform Launches with $25.5 Million Backing

jose

Avalanche Blockchain Launches Retro9000: A $40 Million Program for Developers

jose

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More