Hacker Steals $12M from DeFi Platform


“Wrapped” Bitcoin worth more than $12m has been stolen from the decentralized finance protocol pNetwork. 

The cross-chain project announced the theft of 277 BTC on September 19 via Twitter, ascribing the hack to a codebase vulnerability. 

The theft was executed on Binance Smart Chain, which featured in the biggest ever DeFi heist in history – the $610m Poly Network hack that took place in August.

pNetwork supports multiple blockchains, including Ethereum, xDAI, EOS, Polygon, Binance Smart Chain, Telos and Ultra. Wrapped tokens increase interoperability between different blockchains by making it possible for currency created on one blockchain to cross onto another.

“We’re sorry to inform the community that an attacker was able to leverage a bug in our codebase and attack pBTC on BSC, stealing 277 BTC (most of its collateral),” said pNetwork.

“The other bridges were not affected. All other funds in the pNetwork are safe.”

The DeFi platform said that it had identified the bug but would keep certain data bridges closed until a fix was found.

In a bid to recover the stolen crypto-currency, pNetwork has publicly offered to pay its attacker 12.5% of their total illegal haul. 

“To the black hat hacker. Although this is a long shot, we’re offering a clean $1,500,000 bounty if funds are returned,” said the platform on Twitter.

“Finding vulnerabilities is part of the game unfortunately, but we all want [the] DeFi ecosystem to continue growing, returning funds is a step in that direction.”

pNetwork is undertaking an investigation which it described as “a detailed post-mortem.”

“We want to assure everyone that we are prioritizing security over speed,” said the platform, adding, “Bridges are being extensively reviewed for that and similar exploits.”

On Monday, pNetwork said that while its Telos and EOS bridges had been safely restored, they would be “running with extra security measures in place for the first few days.”

In its most recent update, posted at around 6pm Eastern Time on September 20, the platform said that the pUOS on Ultra bridge was not affected and is now back up.

“A detailed post-mortem will be shared tomorrow. Updates to follow on the gradual reactivation of all other bridges,” said pNetwork. 

Products You May Like

Articles You May Like

Quishing Campaign Targets Chinese Citizens via Fake Official Documents
U.K. Hacker Linked to Notorious Scattered Spider Group Arrested in Spain
Preventative defense tactics in the real world
Los Angeles Public Health Department Discloses Large Data Breach
Microsoft Admits Security Failings Allowed China to Access US Government Emails

Leave a Reply

Your email address will not be published. Required fields are marked *