An exploit attempt against a decentralized finance (DeFi) protocol has ended unexpectedly. Not only did the first attacker fail to keep the funds, he lost out to another attacker who performed the same attack earlier and captured most of the loot.
The incident occurred on January 20th and affected the Makina platform, specifically the DUSD/USDC pool on Curve, a stablecoin exchange protocol on Ethereum. In total, the exploit involved approximately 1,299 Ether (ETH), currently about $3.7 million.
As Makina’s team explained, the attack took place in just 11 minutes. The first hacker deployed an unverified smart contract whose purpose was to manipulate the base price (oracle) of the DUSD/USDC pool.
To accomplish this, he used instant financing (known as a flash loan), which allowed the value of one of the associated assets to be artificially inflated.
That inflated price spread through Makina’s internal systems and was ultimately reflected in the Curve pool, making it possible to extract a large amount of USDC at a distorted exchange rate.
However, before the attacker could fully perform the operation, another actor intervened: an MEV (Maximum Extractable Value) searcher. These agents monitor the network in real time and look for profitable transactions to front-run or reorder within the block.
In this case, the MEV searcher decompiled the original attacker’s contract, cloned the strategy, and executed it first.
As a result, the original hacker lost the opportunity to keep the funds, which ended up in the hands of the actors involved in the MEV search and in block validation.
Partial recovery and unexpected developments
Of the total 1,299 ETH, most was captured by the MEV searcher and distributed between the block builder and the Rocket Pool validator that validated the block in which the transaction was executed.
On January 22, two days after the incident, Makina reported that almost all of the funds held by the block builder had been returned.
In particular, of the 1,023 ETH received by the attacker, approximately 920 ETH was recovered, after deducting a 10% reward granted under the white hat (ethical hacker) framework known as SEAL Safe Harbor.
The recovered funds will be transferred to a multi-signature wallet dedicated to the repayment process and, from there, distributed among affected users based on pool state logs obtained before the exploit.
However, the recovery process is not yet complete. Makina reported that it continues to try to establish contact with the operator of the Rocket Pool validator, which received approximately 276 ETH as part of the exploit.
That portion of the loot has not yet been recovered.
Finally, the incident is believed to have been caused by an error in an internal script (a sequence of code instructions) that is used automatically for protocol position accounting. The error has been identified and is in the process of being remediated and externally audited.
Makina announced that it will implement the patch through protocol updates before fully resuming operations.

