Harvest suffers flash loan attack, hackers steal $23 million through Curve

BTC0.0₂₀

ETH0.0₂₀

HTX0.0₂₀

SOL0.0₂₀

BNB0.0₂₀

BTC0.0₂₀

ETH0.0₂₀

HTX0.0₂₀

SOL0.0₂₀

BNB0.0₂₀

Harvest suffers flash loan attack, hackers steal $23 million through Curve

巴比特

2020-10-26 06:17

本文约798字，阅读全文需要约3分钟

Flash loans were once again exploited by hackers and $4 million in funds were stolen.

Editor's Note: This article comes fromBabbitt Information (ID: bitcoin8btc), by Kyle, published with permission.

Editor's Note: This article comes from

Babbitt Information (ID: bitcoin8btc)

, by Kyle, published with permission.

The DeFi protocol Harvest.Finance announced at noon today that hackers are conducting economic attacks through the Curve y pool, causing the price of stablecoins in Curve to exceed the corresponding ratio, and depositing and withdrawing a large amount of assets through the Harvest protocol. In order to protect user funds, Harvest has withdrawn and transferred the y-pool and btc curve strategy funds to the Curve vault. Specifically: 100% of stablecoin and BTC curve strategy funds have been withdrawn from strategies to vaults in order to protect users. Next steps: To protect users, Harvest is blocking deposits to Curve stablecoin and BTC vaults via the protocol.

After the hacker transferred USDT from Curve, part of it was converted into renBTC through Uniswap and migrated to the Bitcoin blockchain.

Affected by the first attack, the trading volume of the Uniswap platform soared by more than 1200% today, reaching 2.008 billion US dollars in 24 hours, of which ETH-related transactions accounted for 2.006 billion US dollars, an increase of 1514% in 24 hours.

For this attack, Harvest explained that like other arbitrage economic attacks, this is a large-scale flash loan attack. Hackers manipulate the price of one currency Lego (Curve y pool) to consume another currency Lego (fUSDT, fUSDC) multiple times. asset.