Onyx Protocol Exploiter Drains $2.1M to Tornado Cash

ETH

2.51%

Catherine

2023/11/02 10:06

In the most recent security breach incident, Onyx Protocol, a decentralised finance (DeFi) project, fell victim to an exploit involving flash loans, resulting in the loss of approximately $2.1 million worth of Ethereum (ETH) coins.

Blockchain investigator PeckShield promptly raised an alert about the hack, which had gone unnoticed by the protocol until then.

#PeckShieldAlert @OnyxProtocol has been exploited for ~2.1M pic.twitter.com/5Z50tCg6MD
— PeckShieldAlert (@PeckShieldAlert) November 1, 2023
a

According to reports, the wallet address of the Onyx Protocol exploiter currently holds a balance of 1,164 ETH, equivalent to roughly $2.1 million, which malicious actors seized through the exploit.

This breach was initiated by the Onyx Protocol hacker, who took advantage of a known bug associated with a popular CompoundV2 fork.

The @OnyxProtocol hack leads to ~$2.1M loss by exploiting a known rounding issue behind the popular CompoundV2 fork.

Basically, the exploited oPEPE market was deployed 5 days ago without any liquidity. This empty market was abused with donation to borrow funds from other… https://t.co/ijkXbOyYr2 pic.twitter.com/fbHdZhTz0E
— PeckShield Inc. (@peckshield) November 1, 2023

The suspected perpetrator leveraged a rounding issue within the oPEPE market, allegedly lacking liquidity, to borrow funds from other markets.

Update pic.twitter.com/qxzX1zhpyZ
— PeckShieldAlert (@PeckShieldAlert) November 1, 2023

This tactic was detailed in PeckShield's independent investigation.

Update: Onyx Protocol Exploiter has laundered ~1,130 $ETH to #TornadoCash pic.twitter.com/lc8MRZ8Pzl
— PeckShieldAlert (@PeckShieldAlert) November 1, 2023

Same Bug Was Exploited

It is worth noting that this is not an isolated incident; a similar bug was exploited earlier to pilfer $7 million from the multichain lending protocol Hundred Finance.

We are helping the @OnyxProtocol team right now with an incident they are experiencing - an empty market attack. In the past, we worked with Compound to outline how to open new markets safely: https://t.co/12r8NmceLU
— Hexagate (@hexagate_) November 1, 2023

In that case, the attacker manipulated the exchange rate between ERC-20 tokens and hTOKENS, allowing them to withdraw more tokens than initially deposited, as confirmed by CertiK.

#CertiKSkynetAlert 🚨@HundredFinance’s attacker manipulated the exchange rate between ERC-20 tokens and htokens which allowed them to withdraw more tokens than they had originally deposited. The estimated losses of this attack is around $7.4 million.

Stay vigilant! https://t.co/1hxAnFoNjj<br/>— CertiK Alert (@CertiKAlert) April 15, 2023<br/> a

How Did the Attacker Exploit Onyx Protocol?

The attacker's method involved initiating the scheme with an ostensibly trivial donation to the oPEPE market.

This initial contribution served as collateral to secure a substantial loan from markets with sufficient liquidity.

Following this, the borrowed funds were redeemed, and the exploit was executed by capitalising on the rounding issue.

This theft was facilitated by the fact that the oPEPE market had only been established five days prior and contained no funds, offering a ripe opportunity for exploitation.

In a more detailed breakdown of the incident, the attacker orchestrated a flash loan of 4,000 ETH from Aave, an open-source liquidity protocol, and subsequently exchanged it for the meme coin, PEPE, prior to exploiting the oPEPE smart contract on Onyx.

Alex Onyx, the Community Leader for Onyx Protocol, acknowledged the theft and confirmed that the vulnerability has been addressed.

The team is actively working to secure the protocol further.

On X (formerly known as Twitter), Alex expressed awareness of the situation and provided assurance that steps are being taken to mitigate risks moving forward.

An update: the exploit didn't affect the XCN token and its contract, the XCN staking pool, and the Uniswap trading pools. They are safe.
— Alex Onyx (@al_onyxprotocol) November 1, 2023

More news about 오닉스 사건

May 14, 2024 10:53 pm
Onyx Collaborates With Broadridge To Introduce JPM Coin Into Repurchase Platform
According to Foresight News, Onyx, the blockchain business division of JPMorgan Chase, is partnering with fintech company Broadridge. The collaboration aims to introduce the Web3 payment system, JPM Coin, into one of Broadridge's repurchase platforms. As part of the transaction, Onyx's JPM Coin will serve as the settlement mechanism for Broadridge's distributed ledger repurchase platform. This platform, which uses blockchain technology, provides intraday, overnight, and term repurchase services. Broadridge users can expect the JPM Coin settlement to be launched in June this year. This move marks the first time JPM Coin has provided settlement functionality to a third-party digital platform.
Apr 23, 2024 10:16 am
DeFi protocol Onyx announces upcoming Onyx L3 modular chain
DeFi protocol Onyx announced the upcoming launch of the Onyx Layer 3 (Onyx L3) modular chain on the X platform, with more details to be announced soon.
Nov 15, 2023 12:31 pm
Apollo Partners with JPMorgan's Onyx to Simplify Alternative Asset Investment
According to Foresight News, alternative asset management company Apollo has partnered with JPMorgan's digital asset platform Onyx to simplify alternative asset investment using tokenization and smart contracts. Christine Moy, Apollo's data and artificial intelligence partner, stated on the X platform that the collaboration could reduce over 3,000 operational steps for wealth management institutions to just one automated process. Additionally, faster programmatic settlements could lower portfolio costs by approximately 20%, potentially bringing $400 billion in annual revenue opportunities for the AWM industry. By 2023, Onyx and Apollo plan to collaborate under the industry initiative 'Project Guardian,' led by the Monetary Authority of Singapore. They will provide proof of concept using licensed blockchain infrastructure to test how tokenization and smart contracts can revolutionize the asset management industry through new portfolio management paradigms.
Nov 02, 2023 11:32 am
"돈 좀 보내주세요"...오닉스 공격자, 자금 구걸에 ETH 전송
블록체인 분석업체 0xScope가 X(구 트위터)를 통해 “오닉스(XCN)프로토콜 공격자가 자신에게 자금을 구걸하는 온체인 메시지를 보낸 사람들에게 ETH를 전송한 것으로 나타났다"고 전했다. 한 주소(OxOa로 시작)는 메세지 전송 후 공격자로부터 6.5 ETH(1만 2,100달러)를 받았다.
Nov 01, 2023 9:11 pm
오닉스 커뮤니티 리더 "취약점 원인 조치 완료"
오닉스(XCN)프로토콜의 커뮤니티 리더 Alex Onyx가 자신의 X(구 트위터)를 통해 “오늘 발생한 익스플로잇(취약점 공격) 공격의 피해 규모는 210만 달러 수준으로 집계됐다. 현재는 문제 원인을 해결한 상황”이라고 전했다.
Nov 01, 2023 7:53 pm
오닉스 공격자, 토네이도캐시로 1130 ETH 추가 전송
블록체인 보안업체 펙실드가 X(구 트위터)를 통해 "오닉스(XCN)프로토콜 공격자가 토네이도캐시로 1130 ETH를 추가 전송했다”고 전했다.
Nov 01, 2023 6:53 pm
오닉스 공격자, 토네이도캐시로 100 ETH 전송
블록체인 보안업체 펙실드가 X(구 트위터)를 통해 "오닉스(XCN)프로토콜 공격자가 방금 전 토네이도 캐시로 100 ETH를 전송했다”고 전했다. 아울러 펙실드는 오닉스 프로토콜 공격이 현재도 진행되고 있는 것으로 보인다고 덧붙였다.
Nov 01, 2023 6:28 pm
Onyx Protocol Suffers Hacker Attack With Losses of At Least $2.1 Million
According to Foresight News, Onyx Protocol, a decentralized finance (DeFi) platform, has been targeted by hackers, resulting in a loss of at least $2.1 million. Beosin EagleEye, a security risk monitoring, warning, and blocking platform under Beosin, detected the attack. Beosin Trace is currently tracking the stolen funds.
Nov 01, 2023 6:21 pm
오닉스 프로토콜, 익스플로잇 추정...210만 달러 피해
블록체인 보안업체 펙실드가 X(구 트위터)를 통해 "오닉스(XCN)프로토콜이 익스플로잇(취약점 공격)을 당한 것으로 보인다. 피해규모는 약 210만 달러"라고 전했다.
Nov 01, 2023 6:16 pm
PeckShield: DeFi protocol Onyx is suspected of being hacked
PeckShield monitoring shows that the DeFi protocol Onyx is suspected of being hacked.