Onyx Protocol Loses $2.1 Million in Security Exploit
The decentralized finance protocol Onyx has fallen victim to a security exploit resulting in a loss of over $2.1 million. According to security firm BlockSec, the attacker exploited a vulnerability in Onyx’s codebase known as “precision loss” using an integer rounding issue and a flash loan. By taking out a large flash loan of ETH, swapping it for PEPE, and donating it to a specific pool, the attacker manipulated the exchange rate. They were then able to withdraw more assets by burning fewer shares due to the precision loss. This attack is reminiscent of the one carried out on Hundred Finance last year.
The vulnerability originates from an older version of Compound V2 integrated into Onyx’s architecture.
As per on-chain data, the attacker has already sent 700 ETH ($1.25 million) to the crypto mixing service Tornado Cash.
Hot Take: Onyx Protocol Hack Reveals Persistent Vulnerabilities in DeFi
The recent security exploit suffered by Onyx Protocol highlights the ongoing vulnerabilities within the decentralized finance (DeFi) space. Despite efforts to enhance security measures and protocols, hackers continue to find ways to exploit weaknesses in codebases and execute sophisticated attacks. The precision loss vulnerability, stemming from an older version of Compound V2, emphasizes the importance of thorough audits and diligent code maintenance in DeFi projects.
This incident serves as a reminder for both developers and users of DeFi platforms to remain vigilant and proactive in identifying potential vulnerabilities and implementing robust security measures. As the DeFi industry grows, it is crucial for participants to prioritize security to protect user funds and maintain trust in these financial systems.
By
By
By
By