MM.Finance, a DeFi platform, had more than $2 million stolen

MM.Finance, a DeFi platform, had more than $2 million stolen

Hackers target the availability or stability of a network’s DNS service in these types of attacks. The attacker was able to “inject a malicious contract address into the frontend code,” according to the team behind MM.Finance, which bills itself as the world’s largest decentralised finance ecosystem on the Cronos blockchain.

In a Domain Name System (DNS) attack, hackers managed to steal $2 million worth of digital assets, according to MM.Finance.

“Attacker changed the router contract address in our hosted files via a DNS vulnerability.” This problem must be resolved first and foremost. In a Medium post-mortem, the business claimed, “We understand that some of you have lost considerable sums and are filled with anxieties and despair.”

Users who interacted with the MM.Finance site starting on May 4 lost funds after performing swaps or adding and removing liquidity.

“When victims navigated to mm.finance to remove liquidity, the malicious router kicked in and the LPs were withdrawn to the attacker’s address,” the company explained.

The attacker stole more than $2 million in cryptocurrency before laundering it through Tornado Cash, a service that allows people to disguise the origin of funds.

The company is setting up a compensation pool for those affected and the team behind the platform said it would be giving up its share of trading fees to cover the losses. The compensation pool will be open for 45 days and the company has set up a system to repay those who lost cryptocurrency.

They also plan to hire a security company to look into their DNS configurations and will remove two of their service providers from their deployment stack to reduce their potential attack surface, the company said.

“We take this attack vector seriously, and will ensure to do our best moving forward to eradicate such vectors,” the company added. In follow-up messages on Twitter, the company said it traced the stolen funds to the OKX exchange, threatening to call the FBI if the funds were not returned. The CEO of OKX said it is investigating the issue.

“Unethical as your actions are, we concede that there is a certain mad brilliance behind your design. So here’s the deal, return 90% of the funds you stole and we will let this go, no questions asked. You have 48 hours to return these funds. Straight up, this is a win-win-win for us (time), you(risk and reward) and community(recovery of stolen funds),” MM.Finance wrote on Twitter on Thursday. “Should you decline, we’ll just sleep less and escalate this, a cost that we at MM are already so very used to. Your move.”

The company did not respond to requests for comment about whether the funds have been returned.

Disclaimer: If you need to edit or update this news from compsmag then kindly contact us Learn more

For Latest News Follow us on Google News


Latest Headlines
  • Show all
  • Trending News
  • Popular By week
Apple announces its WWDC 2022 schedule
Apple announces its WWDC 2022 schedule
There’s a possibility Apple will preview its rumored mixed reality headset during the keynote. We also expect to see several new or refreshed hardware ...
Windows for Android is updated by Microsoft
Windows for Android is updated by Microsoft
Advanced networking allows users to set up smart home devices such as speakers and security cameras with a compatible Android app. This feature is available ...
Africa faces stagflation as a result of the epidemic and the conflict in Ukraine, according to the African Development Bank
Africa faces stagflation as a result of the epidemic and the conflict in Ukraine, according to the African Development Bank
“If the conflict persists, Africa’s growth is likely to stagnate at around 4 percent in 2023.” Inflation is meanwhile expected to accelerate to 13.5% this ...
‘Replaced,’ an Xbox Game Pass 2.5D platformer, has been delayed until 2023
‘Replaced,’ an Xbox Game Pass 2.5D platformer, has been delayed until 2023
As mentioned above, the decision to push to 2023 is to ensure that “the game is in the best state it possibly can be” when it arrives on Xbox Game Pass, as ...
Samsung SDI and Stellantis to Install US$2.5 Billion EV Battery Factory
Samsung SDI and Stellantis to Install US$2.5 Billion EV Battery Factory
Samsung SDI and Stellantis may boost their investment in the project to as much as $3.1 billion, the South Korean company said, reports Yonhap news agency. ...
Future Retail, Future Lifestyle earnings announcements will be delayed
Future Retail, Future Lifestyle earnings announcements will be delayed
Earlier this month, FRL’s Chief Financial Officer C P Toshniwal and Company Secretary Virendra Samani had resigned from the company. Two recorded Future ...
In the fourth quarter, Max Healthcare made a profit of Rs 172 crore
In the fourth quarter, Max Healthcare made a profit of Rs 172 crore
”These will have a combined potential to add 2,200 beds in the coming years in addition to the ongoing brownfield expansions. As we step into the new fiscal ...
PhonePe, owned by Walmart, introduces UPI SIP to invest in 24K gold
PhonePe, owned by Walmart, introduces UPI SIP to invest in 24K gold
The advantage of starting a gold SIP on PhonePe is the convenience of UPI (unified payments interface). The user has to just select the gold provider, ...
The World Economic Forum estimates that investing in future skills could add $8.3 trillion to the global economy
The World Economic Forum estimates that investing in future skills could add $8.3 trillion to the global economy
The Reskilling Revolution initiative, launched at the World Economic Forum’s 50th Annual Meeting in January 2020, is working to provide 1 billion people with ...
Apple will pull the iPod out of its ecosystem due to falling demand
Apple will pull the iPod out of its ecosystem due to falling demand
Over Two Long Decades, The Product Came In Various Shapes And Designs And Had Solved The Problem Of Many Music Lovers. Smaller Than The Mini Pocket Of Your ...
Show next
We will be happy to hear your thoughts

Leave a reply

Compsmag - Latest News In Tech and Business
Logo