- Team Finance suffers from $14.5 Million exploited during protocol migration.
- Despite the security audits, millions of exploits happened.
- The crypto platform further stated that all other digital assets, barring the compromised smart contract, are secured.
On October 28, 2022, Team Finance, a Decentralized (DeFi) Finance platform, updated about the exploit. According to the tweet, the crypto platform updated that at around 2 AM Pacific Time on October 27, 2022, a function on Team Finance platform that was exploited by an unknown third party.
Team Finance Exploit Update
Team Finance also detailed what exactly happened as it added that “the exploit targeted the audited Uniswap v2 to v3 migration function. And within an hour of the breach, the platform identified the issue and stopped all functionality of Team Finance.”
The platform remarked that “this contract was audited by a reputable audit firm. The exploit was not due to any contract upgrade of Team Finance but to a liquidity migration function, or was not due to any proxy contract upgrade.”
It also noted that all the contracts, tokens, stablecoins, and liquidity on the platform are secure along with all other functions that are working correctly, including token claims and withdrawals.
On the exploit, the platform expressed what they are now doing. It added that they have temporarily paused new lock creation on the platform and are currently working with several established security, audit, and blockchain investigation companies to assist with the remediation of the following issue.
In addition, Team Finance have contacted the affected project teams and are keeping them updated regarding the next prior steps. They have reached out to the exploiter in an effort to discuss possible resolutions. While the wallet of the exploiter has been blacklisted on Etherscan, and even the exchanges have been contacted.
On the other hand, multiple blockchain security firms have raised the voice against the hack, before the firm acknowledged it in a statement, with groups PeckShield, SlowMist and BlockSec by stating the root of the issue was a problem with the code of company and give a breakdown of the attack.
It must be noted that two years ago, the origin of the project, one Estonia-based firm, Hacken, has been responsible for 80% of Team Finance’s audits, according to several documents received by Blockworks.
Furthermore, the recent hack follows on the heels of this month’s compromised DeFi platform, Mango Markets which was washed-out for $112 Million in a price oracle manipulation attack.
As Mango had licensed its own audit in September 2022 that was handled by a team of security researchers at Neodyme, just before the trading platform was hit by its exploit five weeks later.
Source: https://www.thecoinrepublic.com/2022/10/31/a-defi-platform-exploited-for-14-5-million-find-here-details/