TL; DR Breakdown
- Hackers cart away $10 million in Saddle Finance breach
- The platform has suspended all activities for now
- Block Sec averts theft of $3.8 million
Scammers and hackers have continued with their onslaught as many platforms continue to suffer from their actions. Analysts have advised major security measures. However, these malicious actors consistently devise new methods to carry out their operations. The recent one saw Ronin network lose more than $600 million in a bridge attack. However, the latest hack attack has seen Saddle Finance lose more than $10 million. The attack has been confirmed and broadcasted by the development team of Saddle Finance via Twitter.
Saddle Finance suspends activities on the platform
According to the statement from the team, it has restricted major operations on the website, including withdrawals and metapool access. Saddle Finance acts as a decentralized exchange providing users with AMM on Ethereum. Traders leverage the exchange to swap assets such as tokenized BTC, among other low slippage assets. The analysis submitted by on chain firm, PeckShield, explained in detail how the hackers were able to carry out the act.
It mentioned that the hackers were swift in carrying out a series of transactions totaling over $10 million that was lost. The firm also noted that the hackers accessed the platform using a popular hack method and moved all the stolen funds into Tornado Cash. Notably, the platform helps users mix funds so that their source will be untraceable. In the last few months, hackers have been leveraging this technology to hide where stolen funds will end up.
Block Sec averts theft of $3.8 million
In its statement, PeckShield said the hackers compromised the MetaSwapUtil lib that was used on the platform. It also mentioned that the hacker only moved 1 ETH away from Tornado Cash as a test with the remaining assets still sitting in their wallet. The firm also noted that about 300 new ETH has also been sent into Tornado Cash to hide its movement.
Reports also claimed that the hack could have gone to a tune of $13 million if not for the timely intervention of Block Sec. The firm was able to avert the theft of over 1,300 Ethereum from the loot, which will cost $3.8 million in today’s market. They were able to prevent the theft by using an internal bot that detects and tracks hack activities. Block Sec has sent the recovered digital assets to the Saddle Finance team.
Source: https://www.cryptopolitan.com/saddle-finance-suffers-a-10-million-hack/