Defi lender bZx Losses $55 Million as a Result of Phishing Attack
Evening
So another defi platform fall prey to exploitation, as DeFi lender bZx suffered a loss of $55 million on Friday according to blockchain security firm Slowmist. Surprisingly this wasn't a protocol breach, instead a private key controlling protocol’s deployment on Polygon and Binance Smart Chain got compromised due to a phishing emails sent to a developer's personal computer.
Autopsy of exploit revealed that it began with a phishing email sent to one of the developer's personal computer. The email contained malicious macro in a word file disguised as a legitimate attachment. The macro was able to run a script, compromising developer's personal mnemonic wallet phrase controlling the protocol’s deployment on Polygon and Binance Smart Chain.
25% of the stolen funds belong to team's personnel wallets. Apart from team's personal funds; lenders, borrowers and farmers with funds on BSC & Polygon are also affected.
As per bZx they are still working to determine total amount of funds stolen and are working with law enforcement to identify the hacker & recover lost funds.
It is pertinent to mention that this is not the first bZx got exploited. As last year bZx suffered three hacks losing approximately $18 million out of which only $8 million were recovered.
Posted Using LeoFinance Beta
One could ask how can people still fall for this but, as the cryptoverse grows, there will always be those who fall for this, it's just a matter of learning through experience (because people will not do their own research).
Yeah...pretty basic mistake. opening phishing emails.
Posted Using LeoFinance Beta