Bitget App
Trade smarter
Buy cryptoMarketsTradeFuturesCopyBotsEarn
dYdX Identifies Hacker in $9M SUSHI and YFI Incident

dYdX Identifies Hacker in $9M SUSHI and YFI Incident

DailyCoinDailyCoin2024/01/08 13:25
By:DailyCoin
  • dYdX has published a post-mortem report on a recent attack.
  • The exchange detailed how the attacker manipulated market positions.
  • The report stated the exchange had uncovered the identity of the attacker.

Decentralized exchange dYdX has issued a post-mortem report identifying the hacker behind a SUSHI and YFI incident it recently experienced on its v3 platform, leading to millions of dollars in losses.

On November 18, dYdX announced that an attacker had used $9 million from its insurance fund “to fill gaps on liquidations processed in the YFI market.” While the exchange stated that no user funds were affected, 40% of the insurance fund was reportedly drained in the attack.

dYdX Issues Post-mortem Report on $9 Million Attack

Per the report , on November 1, dYdX became aware of 132 addresses connected to its v3 platform and linked to a single funding source. The wallets opened highly leveraged SUSHI long positions, significantly increasing open interest in the SUSHI-USDC market.

Although the exchange raised its marginal requirement to 100% to prevent further profitable withdrawals from these trades, the attacker replicated a similar trading pattern in the YFI-USDC market a few days later.

“The attacker appeared to have a clear strategy: build leveraged long positions on dYdX v3 prior to purchasing $SUSHI and $YFI spot. Ultimately, the price moves in $SUSHI and $YFI were possibly due to some combination of an organic price move and the attacker’s coordinated aggressive buying in spot markets,” the report read.

To maximize their gains, the attacker withdrew unrealized profits from their long positions before redepositing these profits in newly connected wallets to expand their long positions. In the long haul, the attacker used a deposit of $16 million to drain $9 million from the insurance fund.

dYdX revealed that it had uncovered the identity of the hacker and that it was in contact with them. Further, the exchange clarified that it was “assessing all legal options” to resolve the matter, including assisting law enforcement in their investigation.

Read how the Orbit cross-chain bride was recently exploited:
Orbit Cross-Chain Bridge Hit for $82 Million

Stay updated on how the Nest Wallet CEO fell victim to a phishing attack:
Nest Wallet CEO Loses $125,000 to LFG Token Phishing Attack

0

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Locked for new tokens.
APR up to 10%. Always on, always get airdrop.
Lock now!

You may also like

Bitcoin is inches away from cracking all-time high against gold

If gold remains steady today, a single move from bitcoin to $98,500 would do it

Blockworks2024/11/21 20:44