Nevertheless cryptocurrency hacks have been prominent since the blockchain tech industry emerged, blockchain tech security corporations are working hard to attract security and transparency to the sector. This time, BlockSec, a smart-contract auditing company dedicated to building a security infrastructure, has prevented a hacker from stealing $5 Million in cryptocurrency funds on ParaSpace.
ParaSpace is a decentralized lending protocol allowing users to lend or borrow numerous cryptocurrency assets on the Ethereum (ETH) blockchain tech. Apart from the platform enabling users to lend Non-Fungible Token (NFTs) or other assets to receive a percentage in the form of interest, ParaSpace lets the users use borrowed funds as collateral.
The vulnerability in the lending protocol of this smart contract enabled the hacker to borrow assets with fewer Non-Fungible Token (NFTs) than required as collateral, allowing the attacker to drain liquidity protocol. Fortunately, the exploiter failed in its 1st effort to execute the transaction owing to insufficient gas charges he has. In the meantime, smart-contract auditing platform BlockSec detected the hack and modified the protocol in time to prevent the hacker from liquidating the cryptocurrency asset.
Abeerah Hashim, an Associate Editor at PrivacySavvy, a trusted cyber security website, initiated a warning as a group of cryptocurrency publishers reached out.
“ Although while it’s great to see BlockSec successfully prevent this attack, it’s important to note that vulnerabilities in security systems can still exist. As cyber attackers continue to evolve and develop new methods, it’s critical for corporations to regularly assess and update their security measures to stay ahead of potential threats.”
Ethereum’s price is as of now currently worth $1,820 in the daily chart. | Source: ETHUSD price chart from TradingView.com
ParaSpace Paused Operations After Hack
To comment on the incident, ParaSpace tweeted;
We alongside @BlockSecTeam have identified the cause of the exploit that took place earlier on the ParaSpace protocol, and we are relieved to share that all user funds and assets on ParaSpace are safe and secure. No Non-Fungible Token (NFTs) were compromised and financial losses to the protocol are minimal.
ParaSpace further noted platform had paused all operations until it erased the vulnerabilities identified through the exploit. To put it another way, any transaction, withdrawal, or deposit cannot proceed as the smart contract’s team is as of now “fixing the identified vulnerabilities.”
Lei Wu, co- founder and CTO at the BlockSec, highlighted that the internal security function automatically monitored the transaction linked to the hack. He stated that the security function has the potential to prevent a hack in real-time.
The Non-Fungible Token (NFT) lending protocol stated the exploit had cost the smart contract a loss of 50-150 Ethereum (ETH) owing to the attacker “swapping betwixt crypto tokens during the exploit .” On the other hand, the ParaSpace will allocate these funds to smart-contract from its pocket to make it nothing has been lost.
Interestingly, the hacker left an on-chain message after he failed to steal the funds, asking BlockSec to return some of the gas charges he spent during the ParaSpace hack. He wrote:
I couldn’t make it work as a result of a stupid gas estimation error. Since I lost a amount of money attempting to make it work, it would be nice to get at least some of that back… good luck,
BlockSec has not rescued the funds from cybercriminals for the 1st time. The security company recently saved $2.4 Million from the Platypus Finance exploiters in February 2022. In April 2022, it prevented attackers from stealing $3.8 Million from Saddle Finance.
Featured image from Pixabay and chart from TradingView.com