Aave’s Earning Farm protocol targeted by reentrancy attack — PeckShield

NFT & DEFI
By admin
0

Blockchain security firm PeckShield revealed fresh vulnerabilities targeting decentralized finance (DeFi) projects on Aug. 9. According to the firm, Aave protocol’s Earning Farm has been compromised by a reentrancy attack, resulting in the theft of at least $287,000 worth of Ether (ETH).

A reentrancy attack is like tricking an ATM into giving you money multiple times before it realizes you have none left. This happens by sneaking in and out of a money request, fooling the system into granting an attacker more funds than it has available. Similarly, in computers, attackers exploit this trick to get more access or resources than they should by calling functions that interact with contracts repeatedly before the first function call is completed.

It’s unclear if the attack relates to the exploits on Curve Finance’s pools. The DeFi protocol’s stable pools were also targeted by reentrancy attacks on July 30, draining over $61 million. The Curve hack was enabled by a vulnerability affecting three versions of the Vyper programming language, a common contract language widely used by developers on DeFi protocols.

Related: Curve-Vyper exploit: The whole story so far

Earning Farm is designed to be a user-friendly protocol for Ether, wrapped Bitcoin, (wBTC) and USD Coin (USDC) holders. As stated on its website, the security firm Slowmist audited its blockchain contracts.

This isn’t the first time the protocol has been attacked. In October 2022, Earning Farm suffered two malicious hacks on its EFLeverVault through flash loan attacks, draining 750 Ether from the protocol. In flash loan attacks, the hacker borrows a large sum of cryptocurrency in a single transaction, manipulates its value through various transactions, and then pays back the loan — all within the same transaction. These attacks exploit price inconsistencies and temporary imbalances in the system to profit.

Magazine: Deposit risk: What do crypto exchanges really do with your money?

Source link

admin 1624 posts 0 comments
You might also like More from author
Leave A Reply

Your email address will not be published.

bitcoin
Bitcoin (BTC) $ 26,252.03
ethereum
Ethereum (ETH) $ 1,592.73
tether
Tether (USDT) $ 0.999530
bnb
BNB (BNB) $ 212.87
xrp
XRP (XRP) $ 0.498656
usd-coin
USDC (USDC) $ 1.00
staked-ether
Lido Staked Ether (STETH) $ 1,593.24
cardano
Cardano (ADA) $ 0.244677
dogecoin
Dogecoin (DOGE) $ 0.060564
solana
Solana (SOL) $ 18.96
tron
TRON (TRX) $ 0.084887
the-open-network
Toncoin (TON) $ 2.09
polkadot
Polkadot (DOT) $ 3.99
matic-network
Polygon (MATIC) $ 0.508531
litecoin
Litecoin (LTC) $ 63.75
wrapped-bitcoin
Wrapped Bitcoin (WBTC) $ 26,239.03
shiba-inu
Shiba Inu (SHIB) $ 0.000007
bitcoin-cash
Bitcoin Cash (BCH) $ 215.08
chainlink
Chainlink (LINK) $ 7.33
dai
Dai (DAI) $ 0.999853
true-usd
TrueUSD (TUSD) $ 0.998653
leo-token
LEO Token (LEO) $ 3.65
uniswap
Uniswap (UNI) $ 4.30
avalanche-2
Avalanche (AVAX) $ 9.02
stellar
Stellar (XLM) $ 0.112869
monero
Monero (XMR) $ 144.79
okb
OKB (OKB) $ 42.91
binance-usd
BUSD (BUSD) $ 1.00
ethereum-classic
Ethereum Classic (ETC) $ 15.08
cosmos
Cosmos Hub (ATOM) $ 6.96
hedera-hashgraph
Hedera (HBAR) $ 0.049122
filecoin
Filecoin (FIL) $ 3.19
internet-computer
Internet Computer (ICP) $ 2.96
crypto-com-chain
Cronos (CRO) $ 0.049991
lido-dao
Lido DAO (LDO) $ 1.46
maker
Maker (MKR) $ 1,414.09
quant-network
Quant (QNT) $ 87.11
mantle
Mantle (MNT) $ 0.389018
aptos
Aptos (APT) $ 5.22
vechain
VeChain (VET) $ 0.016485
arbitrum
Arbitrum (ARB) $ 0.822796
optimism
Optimism (OP) $ 1.28
near
NEAR Protocol (NEAR) $ 1.08
kaspa
Kaspa (KAS) $ 0.046922
rocket-pool-eth
Rocket Pool ETH (RETH) $ 1,728.47
aave
Aave (AAVE) $ 60.82
the-graph
The Graph (GRT) $ 0.086596
whitebit
WhiteBIT Coin (WBT) $ 5.23
algorand
Algorand (ALGO) $ 0.095133
usdd
USDD (USDD) $ 0.998105