Hashing Bits'35 || Rug Pulled🚨, Luna fell for $6.7M

Hashing Bits Weekly Newsletter | Week-35

Dot Finance suffered a Flash Loan Attack

Dot Finance, a DeFi project based on the Polkadot blockchain, was a victim of yet another flash-loan attack. The attack was possible due to improper mint amount calculation. 

WHY FLASH LOAN ATTACKS ARE THE NEW BLACK?

Money for Nothing. That’s what Flash loans are termed as in the DeFi space. But in the recent past, various DeFi platforms were siphoned off over millions through ‘Flash Loan’ Attacks. 

- More on this…

Luna Yield siphoned off for $6.7M

Luna Yield, a Solana blockchain based DeFi project rug-pulled investors, causing the total damage of $6.7 Million.

In the crypto space, rug pull is described as a situation wherein the developers of a crypto project pull out support, thereby leaving the investors and users with worthless tokens.

- More on this…

Crypto Exchange HitBTC was attacked, loss - $1M

Sentinel Network reported that crypto exchange HitBTC was hacked, with a total loss amounting to 40 million DVPN tokens (~£730,000) (or) $1M that users had entrusted to the platform. The DVPN utility token acts as a reward for providing bandwidth to a distributed p2p VPN network.

Solend attacked for $16K

Solend, an algorithmic, decentralized protocol for lending and borrowing on Solana was hacked after a hacker successfully cracked the insecure identity check in the “UpdateReserveConfig” function which allowed the hacker to liquidate all user accounts. The hacker also set the APY of borrowed funds to 250%. Mistakenly, funds of 5 users were stolen amounting to $16,000. The hacker will refund affected users’ funds.

Vulnerability Write-ups


The Insecure Ways for Mint Amount Calculation - Dot Finance Analysis by Inspex team. 

Solend Incident Report by Rooter Nope.

DeFi Security


Auditing Smart Contracts - Security Review of Ethereum Applications by Mudit Gupta.

From QuillAudits Table

More than 100+ projects wew duped off for $500M due to -  “coding errors”. Want to know the best DeFi coding practices?

Read Here