Carding Forum
Professional
- Messages
- 2,788
- Reaction score
- 1,176
- Points
- 113
Hackers attacked the decentralized finance protocol Dough Finance, using an instant loan, resulting in the loss of digital assets worth $1.8 million.
The company Cyvers Alerts, specializing in security in the field of Web3, reported in the social network X about the discovery of several suspicious transactions with Dough Finance. Cyvers Alerts contacted the Aave lending protocol to clarify whether its pools were affected. Experts assured that the Aave pools are safe. The main impact of the attack fell on the Dough Finance protocol.
The attacker obtained funding through the zero-knowledge Railgun protocol by exploiting a vulnerability in the ConnectorDeleverageParaswap smart contract of the Dough Finance protocol. Security service provider Olympix explained that the smart contract failed to properly verify call data for urgent loan requests, which allowed an attacker to manipulate them for profit. The hacker was able to exchange the stolen USDC stablecoins for 608 ETH worth about $1.8 million.
Security experts recommended that users of Dough Finance consider withdrawing crypto assets to secure wallets and temporarily stop interacting with the protocol until the problem is resolved.
The company Cyvers Alerts, specializing in security in the field of Web3, reported in the social network X about the discovery of several suspicious transactions with Dough Finance. Cyvers Alerts contacted the Aave lending protocol to clarify whether its pools were affected. Experts assured that the Aave pools are safe. The main impact of the attack fell on the Dough Finance protocol.
The attacker obtained funding through the zero-knowledge Railgun protocol by exploiting a vulnerability in the ConnectorDeleverageParaswap smart contract of the Dough Finance protocol. Security service provider Olympix explained that the smart contract failed to properly verify call data for urgent loan requests, which allowed an attacker to manipulate them for profit. The hacker was able to exchange the stolen USDC stablecoins for 608 ETH worth about $1.8 million.
Security experts recommended that users of Dough Finance consider withdrawing crypto assets to secure wallets and temporarily stop interacting with the protocol until the problem is resolved.
