Euler Finance Flash Loan Exploit: Vulnerability Remained On-Chain for 8 Months

Read full article at CryptoPotato.

Omniscia, the auditing partner of Euler Finance, has released a post-mortem report on the exploit. It states that the vulnerability exploited by the malicious hackers originated from the decentralized finance lending protocol’s incorrect donation mechanism, which failed to account for the donator’s debt health.

The vulnerable code was introduced in eIP-14, which brought about several modifications throughout the Euler ecosystem. It enabled the attacker to create an over-leveraged position and liquidate it themselves in the same block by artificially causing it to go “under-water,” the firm said in a statement.
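A simplified model of the flaw described above, added here as an illustration and not taken from Euler's contracts or Omniscia's report: a pool whose donation path skips the solvency check that borrowing enforces, beside the corrected behaviour. The class and method names, the 90% collateral factor and the amounts are assumptions constructed for the example.

```python
class UnhealthyPosition(Exception):
    """An action would leave the account's debt under-collateralised."""

class LendingPool:
    COLLATERAL_FACTOR_BPS = 9_000  # assumed: collateral counts at 90% of value

    def __init__(self, check_health_on_donate: bool):
        self.check_health_on_donate = check_health_on_donate
        self.collateral: dict[str, int] = {}  # deposit balances, underlying units
        self.debt: dict[str, int] = {}        # borrowed amounts, same units
        self.reserves = 0

    def is_healthy(self, who: str) -> bool:
        backed = self.collateral.get(who, 0) * self.COLLATERAL_FACTOR_BPS
        return backed >= self.debt.get(who, 0) * 10_000

    def _apply(self, who, d_collateral, d_debt, check):
        self.collateral[who] = self.collateral.get(who, 0) + d_collateral
        self.debt[who] = self.debt.get(who, 0) + d_debt
        if check and not self.is_healthy(who):
            # Roll back, as a reverted transaction would.
            self.collateral[who] -= d_collateral
            self.debt[who] -= d_debt
            raise UnhealthyPosition(who)

    def deposit(self, who, amount):
        self._apply(who, amount, 0, check=False)

    def borrow(self, who, amount):
        self._apply(who, 0, amount, check=True)  # borrowing enforces solvency

    def donate(self, who, amount):
        if not 0 < amount <= self.collateral.get(who, 0):
            raise ValueError("invalid donation amount")
        # Flawed variant: collateral leaves the account with no solvency check.
        self._apply(who, -amount, 0, check=self.check_health_on_donate)
        self.reserves += amount

def run_scenario(check_health_on_donate):
    """Return (donation_blocked, healthy_afterwards) for constructed values."""
    pool = LendingPool(check_health_on_donate)
    pool.deposit("borrower", 1_000)
    pool.borrow("borrower", 800)      # 1000 * 0.9 = 900 >= 800, allowed
    try:
        pool.donate("borrower", 300)  # leaves 700 * 0.9 = 630 < 800
        blocked = False
    except UnhealthyPosition:
        blocked = True
    return blocked, pool.is_healthy("borrower")
```

The general defensive point is that every state change that reduces an account's collateral or increases its debt has to pass the same health check, not only the obvious borrow and withdraw paths.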

  • The feature at the center of the vulnerability was not in the scope of any audit conducted by Omniscia.
  • An outside audit was responsible for reviewing the vulnerable code, which was later approved.
  • However, the vulnerability was not discovered as part of that audit and remained on-chain for eight months until it was exploited on March 13th despite a $1 million bug bounty in place.
  • The flawed eToken module has been disabled, blocking deposits and the vulnerable donation function.
  • Following the attack, the DeFi protocol said it is working with various security groups to perform audits and has also tapped law enforcement agencies to recover the funds.

“We are devastated by the effect of this attack on Euler protocol users and will continue to work with our security partners, law enforcement, and the broader community to resolve this as best we can. Thank you so much for your support and encouragement.”
