DeFi

DeFi Protocol Tender.fi Hacker Returns $1.6M Following Chainlink Oracle Glitch

10.03.2023
0 21

A white hat hacker that targeted DeFi protocol Tender.fi has returned $1.6 million that was stolen on Tuesday, receiving a 62.15 ether ($85,000) bug bounty instead.

The attack occurred after Tender.fi upgraded its price feed to relay data from a Chainlink pricing oracle as opposed to a time-weighted average price (TWAP). The code, which was audited by PeckShield, contained an error and returned a number with too many zeros behind it. This meant the attacker was able to deposit one GMX token, worth around $70, effectively tricking the system into allowing infinite borrows, according to a postmortem published on Tender.fi’s Medium page.

After extracting $1.6 million from the protocol, the hacker left an on-chain message: «It looks like your oracle was misconfigured. Contact me to sort this out.»

Tender.fi reached out and agreed to pay the white hat hacker a 62.15 ether bug bounty.

The protocol plans to deploy a new rewritten oracle contract before unpausing borrowing. It has also vowed to repay any unpaid debt left behind by the hacker.

The TND token, which plunged by 34% on Tuesday, is trading at $1.87. It has increased by 2.37% in the past 24-hours against its ethereum pair but remains down by 7.62% against its U.S.dollar pair following a crypto market rout.

   

Source

Click to rate this post!
[Total: 0 Average: 0]
10.03.2023
0 21
Показать больше

Добавить комментарий

  • bitcoinBitcoin (BTC) $ 66,357.00
  • ethereumEthereum (ETH) $ 3,021.77
  • tetherTether (USDT) $ 1.00
  • usd-coinUSDC (USDC) $ 1.00
  • dogecoinDogecoin (DOGE) $ 0.155725
  • cardanoCardano (ADA) $ 0.452709
  • tronTRON (TRX) $ 0.126324
  • bitcoin-cashBitcoin Cash (BCH) $ 464.44
  • chainlinkChainlink (LINK) $ 13.93
  • matic-networkPolygon (MATIC) $ 0.685588
  • litecoinLitecoin (LTC) $ 82.36
  • leo-tokenLEO Token (LEO) $ 5.96
  • daiDai (DAI) $ 1.00
  • ethereum-classicEthereum Classic (ETC) $ 27.09
  • hedera-hashgraphHedera (HBAR) $ 0.111088
  • crypto-com-chainCronos (CRO) $ 0.125411
  • cosmosCosmos Hub (ATOM) $ 8.48
  • blockstackStacks (STX) $ 2.17
  • stellarStellar (XLM) $ 0.106617
  • okbOKB (OKB) $ 49.58
  • makerMaker (MKR) $ 2,808.53
  • vechainVeChain (VET) $ 0.035455
  • moneroMonero (XMR) $ 134.06
  • theta-tokenTheta Network (THETA) $ 2.09
  • algorandAlgorand (ALGO) $ 0.180083
  • neoNEO (NEO) $ 15.45
  • gatechain-tokenGate (GT) $ 8.10
  • kucoin-sharesKuCoin (KCS) $ 9.84
  • eosEOS (EOS) $ 0.800561
  • tezosTezos (XTZ) $ 0.914674
  • havvenSynthetix Network (SNX) $ 2.57
  • iotaIOTA (IOTA) $ 0.215191
  • bitcoin-goldBitcoin Gold (BTG) $ 35.15
  • tether-goldTether Gold (XAUT) $ 2,391.95
  • true-usdTrueUSD (TUSD) $ 1.00
  • enjincoinEnjin Coin (ENJ) $ 0.300007
  • zilliqaZilliqa (ZIL) $ 0.023116
  • ravencoinRavencoin (RVN) $ 0.029550
  • holotokenHolo (HOT) $ 0.002294
  • siacoinSiacoin (SC) $ 0.007044
  • 0x0x Protocol (ZRX) $ 0.473418
  • qtumQtum (QTUM) $ 3.64
  • basic-attention-tokenBasic Attention (BAT) $ 0.235485
  • zcashZcash (ZEC) $ 23.23
  • dashDash (DASH) $ 29.00
  • nemNEM (XEM) $ 0.037295
  • decredDecred (DCR) $ 19.90
  • ontologyOntology (ONT) $ 0.314680
  • liskLisk (LSK) $ 1.95
  • wavesWaves (WAVES) $ 2.49
  • iconICON (ICX) $ 0.221660
  • digibyteDigiByte (DGB) $ 0.011798
  • numeraireNumeraire (NMR) $ 27.78
  • nanoNano (XNO) $ 1.18
  • paxos-standardPax Dollar (USDP) $ 1.00
  • statusStatus (SNT) $ 0.036734
  • hiveHive (HIVE) $ 0.316737
  • steemSteem (STEEM) $ 0.272794
  • huobi-tokenHuobi (HT) $ 0.596122
  • omisegoOMG Network (OMG) $ 0.644079
  • binance-usdBUSD (BUSD) $ 1.00
  • republic-protocolRen (REN) $ 0.058120
  • bytomBytom (BTM) $ 0.011178
  • bitcoin-diamondBitcoin Diamond (BCD) $ 0.081994
  • kyber-networkKyber Network Crystal Legacy (KNCL) $ 0.572128
  • augurAugur (REP) $ 1.25
  • energiEnergi (NRG) $ 0.109994
  • husdHUSD (HUSD) $ 0.044913