Hacker took a loss from hacking the Raft DeFi project

Lord777

The Raft DeFi platform lost about $3.3 million in Ethereum as a result of a hack. But experts found that the attack probably left the attacker with nothing but losses.

absolutely unhinged
1. hacker pulled 18 ETH from tornado cash
2. hacked a total of 1,577 ETH
3. burned 1,570 ETH and sent remaining 7 ETH to themselves
4. After fees, they're left with 14 ETH

So total profit after fees is -4 ETH

mf might go to jail to LOSE 4 ETH
— 0xngmi (@0xngmi) November 10, 2023

An analyst who goes by the nickname 0xngmi noted that the hacker withdrew a total of 1,577 ETH (~$3.3 million) from the protocol. However, he sent 1,570 ETH to the burn address and only 7 ETH to his own wallet.

To fund the attack, the attacker used 18 ETH received through the Tornado Cash mixer. But after all the operations and fees, he was left with only 14 ETH.

"Son of a bitch can go to jail for losing 4 ETH," the expert wrote.

Raft lets users mint R, a US dollar-pegged stablecoin backed by liquid ether derivatives such as Lido Finance's stETH.

Igor Igamberdiev, head of research at Wintermute, described the attack scheme. The attacker created two "child" contracts to mint 3,000 R using 2 cbETH. He then liquidated the collateralized positions with 1,000 ETH obtained through flash loans.

1/6

Sad, but @raft_fi was exploited, and the attacker was able to mint 6.7 uncollateralized R stablecoin

The twist is that they converted them into ETH, which was sent to the null address, but first things first
— Igor Igamberdiev (@FrankResearcher) November 10, 2023

The liquidity manipulation increased the hacker's collateral to 3,900 ETH, which he used to mint 6.7 million uncollateralized R. He then sold the tokens for ether, to be sent on through some kind of mixer, Igamberdiev suggested.

According to the expert, the attacker did not take into account that, when converting the assets, the function would read storage from the main contract, where the hacker's address had not been initialized.

6/6

So, instead of sending ETH to the attacker, coins went to the null address, which has no private key, oops
— Igor Igamberdiev (@FrankResearcher) November 10, 2023

"So, instead of sending ETH to the attacker, the coins went to a null address that doesn't have a private key, oops," Igamberdiev explained.

Raft co-founder David Garai confirmed the hack and the unauthorized withdrawal of funds from the protocol. The team has launched an investigation into the incident and promised to provide the community with detailed information.

There's been an exploit situation for @raft_fi where the exploiter minted R (which was then sold to drain AMM liquidity), and also managed to withdraw collateral at the same time

We are investigating — post-mortem will follow soon
— DG (@davgarai) November 10, 2023

The platform suspended minting of the stablecoin.

According to CoinMarketCap, after the attack, the "stable coin" lost its peg to the dollar. At the time of writing, the asset is trading at around $0.08.
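
The storage mix-up Igamberdiev describes, as an added illustration (not code from the article, from Raft, or from the attacker): a toy Python model which assumes the conversion logic ran against the main contract's storage, the way EVM `delegatecall` does, while the payout address had been written only to a child contract's storage. `PAYEE`, `PAYEE_SLOT`, `payout` and `run` are hypothetical names, and the guard shows the recipient check that stops a transfer to the null address.

```python
ZERO = "0x" + "00" * 20    # null address: nobody holds its private key
PAYEE = "0x" + "ab" * 20   # constructed sample address
PAYEE_SLOT = 0             # hypothetical storage slot for the payout address


class Contract:
    """Toy contract: only a storage map. Unset slots read as zero, as in the EVM."""

    def __init__(self):
        self.storage = {}

    def sload(self, slot):
        return self.storage.get(slot, ZERO)


def payout(storage_ctx, balances, amount, guard=False):
    """Shared logic: pay `amount` to the address stored in PAYEE_SLOT.

    `storage_ctx` is whichever contract's storage the code executes against.
    """
    to = storage_ctx.sload(PAYEE_SLOT)
    if guard and to == ZERO:
        raise ValueError("recipient is the null address; refusing transfer")
    balances[to] = balances.get(to, 0) + amount
    return to


def run(delegated, guard=False):
    """Initialize the payee in the child only, then execute payout()."""
    main, child = Contract(), Contract()
    child.storage[PAYEE_SLOT] = PAYEE   # written to the child's storage only
    balances = {}
    # Regular call: the code reads the child's own storage.
    # Delegated execution: the same code reads the main contract's storage,
    # where PAYEE_SLOT was never written and therefore reads as zero.
    ctx = main if delegated else child
    payout(ctx, balances, 1570, guard)  # 1,570 ETH is the burned amount above
    return balances


if __name__ == "__main__":
    print("regular call:  ", run(delegated=False))
    print("delegated call:", run(delegated=True))
```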
 