Since Friday, Feb. 14, 2020, decentralized lending protocol bZx was twice exploited by attackers using a combination of methods involving flash loans and price manipulations to profit on cryptocurrency swaps, resulting in total losses of approximately $954,000. The first attack took place on Feb. 14 and resulted in the attacker pocketing 1,193 ETH (approximately $318,000) after a bug in the bZx's smart contract code failed to run standard safety checks that should have prevented a highly leveraged position on ETH/BTC trading pairs. The second attack took place days later, resulting in losses of 2,388 ETH (approximately $636,000), perpetrated, in part, via oracle manipulation on the price of synthetic USD Coin stablecoins.
Last week, the IOTA Foundation shut down the entire IOTA cryptocurrency network after hackers exploited a vulnerability in Trinity, the mobile and desktop wallet app developed by the IOTA Foundation, and stole approximately $1.6 million from at least 10 high-value IOTA accounts. IOTA announced this week that it had released a "safe" version of Trinity in response.
Earlier this week, crypto exchange FCoin notified users that it was unable to process withdrawal requests, as it revealed a nearly $130 million shortage of assets, a result of system problems and "decision errors" made by exchange leadership. The exchange's novel yet controversial model, called "trans-fee mining," designed to incentivize trading by issuing exchange tokens, made FCoin one of the largest exchanges by volume.
For more information, please refer to the following links:
- DeFi Project bZx Exploited for Second Time in a Week, Loses $630K in Ether
- Decentralized Lending Protocol bZx Hacked Twice in a Matter of Days
- IOTA cryptocurrency shuts down entire network after wallet hack
- Crypto Exchange FCoin Insolvent After Revealing Up to $130M Bitcoin Shortfall