• An Optimism-based (OP) decentralized credit market protocol has been hacked, resulting in a loss of about $7.2 million worth of Ethereum (ETH).
• The exact cause of the hack was due to an exploit that allowed the attacker to bypass the permit check and liquidate users’ assets for their own gain.
• The hack has caused EXA’s price to drop by 32% over the past 24 hours.
Hacker Exploits Optimism-Based Decentralized Credit Market
An Optimism-based ( OP ) decentralized credit market protocol has been hacked to the tune of millions of dollars worth of Ethereum ( ETH ). According to web3 protocol De.Fi, bad actors have stolen about $7.2 million worth of ETH through exploiting Exactly (EXA), an open-source credit market project.
Security Breach Details
After a thorough review, De.Fi concluded that the total amount stolen is 4,323.6 ETH, with 1,490 ETH bridged using Across Protocol and 2,832.92 ETH bridged to Ethereum via Optimism Bridge. As a result, Exactly has temporarily paused its protocol while further investigation takes place; however investors are still able to withdraw funds from their accounts if needed.
Root Cause Of Exploit
Beosin Blockchain security firm explained how the hacker was able to bypass security measures and steal funds from users: “The market address in DebtManager contract could be manipulated – allowing the attacker to pass in a malicious market contract address which bypassed the permit check before executing a malicious deposit function and stealing USDC deposited by users.”
Impact on EXA Price
News of the hack had an impact on EXA’s price as it fell sharply during the last 24 hours – trading for $4.28 at time of writing – down by 32%.
Conclusion
This incident highlights once again why investing in cryptocurrencies carries risks involving security vulnerabilities that can lead to large losses for investors if not carefully monitored and managed properly . Therefore proper caution needs to be taken when interacting with digital assets on any blockchain platform or network such as Etherum in order to protect your funds from being stolen by hackers or other malicious actors.