YEREVAN (CoinChapter.com) — Decentralized Exchange Protocol (DEX) NowSwap became a victim of a cyber attack on Wednesday.
According to blockchain security firm BlockSec, NowSwap was hacked and lost more than $1 million. In addition, the attackers allegedly stole 535,706 USDT and 158.28 WETH.
WETH is a wrapped form of Ethereum which allows ETH to be swap with other ERC-20 Tokens in a decentralized exchange (DEX).
BlockSec also informed that the Decentralized Applications (dApps) platform Nimbus also suffered a similar attack.
Recommended: PancakeSwap’s CAKE rallies 17.5% amid a $151 million worth token burning event.
NowSwap is a decentralized exchange where users can swap virtually any asset peer-to-peer through the Ethereum smart contract infrastructure.
To successfully steal over 1 Million from the network, the hackers converted USDT to ETH through the decentralized exchange aggregator 1inch. After the conversion, they camouflaged it on the transaction-privacy platform Tornado Cash.
To pull off a flash loan attack, the hackers used an invalid ‘K’ value check in the pair contract of NowSwap to attack the protocol.
After every transaction, the hacker used the loophole to get a partial return on the loan amount and repeated the process until the total funds in the attacked pool got over.
Recommended: DeFi platform WonderFi Launches on the NEO exchange under Ticker WNDR.
After being notified of the hack by DeFi security experts, NowSwap announced today that they had launched an investigation.
“We are investigating the hack on our protocol,”
NowSwap tweeted.
Of late, the Decentralized Finance (DeFi) industry has become a target of regular hack attacks.
DeFi lending protocol Cream Finance lost $18.8 million in assets to a flash loan attack at the end of August. That was the second time hackers had targetted the protocol this year.
The cross-chain Defi protocol PolyNetwork also became the victim of the largest Defi attack, losing over $oo million in the process. The attack happened on August 10.
Recommended: OpenSea senior employee accused of insider trading
As Decentralized Finance evolved, the market saw the introduction of one of DeFi’s most innovative yet controversial features: loans that do not require collateral.
This feature allows people to take loans for a specific transaction because the borrower will return the fund immediately after the transaction is complete. If the borrower does not return the fund immediately, the transaction gets canceled.
Attackers see this as a loophole and use this otherwise innovative feature to re-borrow assets in a series of transactions, siphoning off funds in the process.
It appears NowSwap has become a victim of a similar attack.
Although Decentralized Finance (DeFi) is disrupting the financial landscape, its security issues remain a major drawback.
International hedge fund Millennium Management has disclosed nearly $2 billion in spot Bitcoin ETF holdings…
Binance, the world’s largest cryptocurrency exchange, has developed a new algorithm to tackle "address poisoning."…
Venture capital firms invested more than $1.02 billion in the crypto sector in April, showing…
Thirteen years ago, Greg Schoen made a notorious decision. On May 17, 2011, he sold…
Reddit's stock RDDT jumped 15.90% in the week ending May 17, with investors picking their…
Here is the top crypto news of the day curated by CoinChapter.com.