Agave and Hundred Finance have suspended operations while the investigation into the exploit continues.
After executing a “reentry” assault on decentralized finance (Defi) lending protocol apps Agave and Hundred Finance, a hacker stole approximately $11 million in wrapped BTC (BTC), wrapped ETH (wETH), Chainlink (LINK), wrapped XDAI (wxDAI), USD Coin (USDC) and Gnosis (GNO).
The incident comes just 24 hours after hackers stole more than $3 million worth of Dai (DAI) and Ether (ETH) from the lending contract platform using Deus Finance malware.
According to data from CoinGecko, the value of the agave token AGVE dropped by 20% following the hack. HND, the Hundred Finances token, fell 3.5% after the exploit was revealed. However, it has now recovered and hit a 24 hour high.
Attempt to launder stolen tokens
Shegen (@shegenerates), Solidity developer and inventor of an NFT liquidity protocol app, tweeted that she lost $225,000 in the exploit.
His research indicated that the attack was carried out by abusing a wETH contract feature on Gnosis Chain, allowing the attacker to continue borrowing crypto before the apps could calculate the debt and block further borrowing. .
According to on-chain research, the attacker’s address delivered over 2,100 ETH, worth over $5.5 million, to a crypto mixer in an attempt to launder the stolen tokens.
“Agave is actively researching the exploits of an agave funding protocol,” Agave tweeted on Tuesday, contracts have been put on hold until the matter is resolved, “We will update you as soon as we know more .”.
The Hundred Finance team also tweeted that it had been exploited on the Gnosis network and had suspended its markets while the investigation took place.
The distinction between Aave and Agave- which is better
This exploit was used by the attacker, who continued to borrow against the same collateral he displayed until the funds ran out of protocols.
While the smart contract on Agave is virtually the same as the one on Aave, which guarantees $18.4 billion, “every security researcher has audited it,” Shegen told Cointelegraph. “As a result, it is reasonable to talk about the security of the contract.”
According to Mudit Gupta, a blockchain security researcher, the distinction between Aave and Agave is that “Aave actively checks for reentry before putting tokens on the mainnet to prevent similar attacks.”
Shegen also declined to criticize Gnosis for producing tokens with a callback function that the hacker exploited, saying the feature prevents users from accidentally losing their crypto.
ALSO READ: Incoming Liquidity with Bitcoin Bank Fee Structures