By Alicia Maher
The decentralized finance industry has witnessed another interesting episode of DeFi exploits since the last one occurred five days ago. In the latest episode, DeFi protocol pNetwork is the victim and is reported to have lost 277 Bitcoin valued at $12.167 million based on the current price of Bitcoin. The DeFi protocol shared details of the exploit on its Twitter account.
According to pNetwork, the hacker (s) had taken advantage of the bug in the protocol’s codebase before gaining access to the Bitcoin fortune, which represents a bulk of pNetwork’s collateral. In its tweet, pNetwork assured users of the safety of other funds contained in other bridges.
pNetwork’s Stolen BTC are Wrapped Assets on BSC
The stolen 277 Bitcoins are wrapped assets since pNetwork is a cross-chain protocol that creates bridges and allows the transfer of assets across over 10 blockchains including Bitcoin, Ethereum, Dogecoin, Binance Smart Chain. pNetwork reported that the hacker stole the asset on the Binance Smart Chain bridge.
The protocol revealed in subsequent tweets that the bug had been identified and that the dev team was working to fix it up after which, the bridges would go live again. As regards users who were affected by the hack, pNetwork assured that it was working towards a comprehensive solution and updates will be given to inform them of the recovery process. pNetwork has attempted to reach out to the hacker offering him $1.5 million which is small compared to the stolen amount. It admitted that the chances of recovering the funds were somewhat low.
DEX Protocol, NowSwap Faces Significant Exploit
pNetwork’s hack comes on the heels of another that occurred last week, and which involved decentralized exchange NowSwap. According to reports, NowSwap lost $1 million comprising $535,000 in stablecoin USDT and 158 wrapped ETH (WETH). Recounting the incident, NowSwap revealed that the hacker had converted the stolen USDT to Ether using DEX aggregator, 1inch before moving them over an anonymous crypto exchange named Tornado Cash.
In another DeFi exploit featuring Sushiswap’s MISO, a protocol for smart contracts, a somewhat identified hacker wrote a malicious code on the protocol’s front-end which gave him express access to 864.8 ETH worth $3 million at the time the exploit was reported. Attempts at recovering were futile as Sushiswap’s CTO Joseph Delong claimed crypto exchanges- Binance and FTX refused to cooperate.
Similar exploits have occurred in the past bringing to fore the risks inherent in the unregulated DeFi space. Of all the exploits, Poly Network’s was the most notable, not only as the largest exploit ever, but because the stolen funds ($610 million) were refunded. Poly Network had offered the black-hat-turned-white hat hacker a bug bounty of $500,000 and a remote job as the protocol’s CSO. Although decentralized finance has beaten expectations in terms of growth, this growth has been impeded by various hacks and exploits.