Defi lender bZx Losses $55 Million as a Result of Phishing Attack

avatar

image.png(Source)

Evening

So another defi platform fall prey to exploitation, as DeFi lender bZx suffered a loss of $55 million on Friday according to blockchain security firm Slowmist. Surprisingly this wasn't a protocol breach, instead a private key controlling protocol’s deployment on Polygon and Binance Smart Chain got compromised due to a phishing emails sent to a developer's personal computer.

sm.png

Autopsy of exploit revealed that it began with a phishing email sent to one of the developer's personal computer. The email contained malicious macro in a word file disguised as a legitimate attachment. The macro was able to run a script, compromising developer's personal mnemonic wallet phrase controlling the protocol’s deployment on Polygon and Binance Smart Chain.

25% of the stolen funds belong to team's personnel wallets. Apart from team's personal funds; lenders, borrowers and farmers with funds on BSC & Polygon are also affected.

As per bZx they are still working to determine total amount of funds stolen and are working with law enforcement to identify the hacker & recover lost funds.

It is pertinent to mention that this is not the first bZx got exploited. As last year bZx suffered three hacks losing approximately $18 million out of which only $8 million were recovered.

image.png

158817836372645504 45.png

Posted Using LeoFinance Beta



0
0
0.000
2 comments
avatar

One could ask how can people still fall for this but, as the cryptoverse grows, there will always be those who fall for this, it's just a matter of learning through experience (because people will not do their own research).

0
0
0.000