• Sturdy Finance has lost 442 Ether due to a security flaw, resulting in $800,000 being stolen by a hacker.
• The attack was made possible by exploiting a loophole in the pricing oracle and using reentrancy attacks.
• Despite prompt reaction from the DeFi protocol, the hacker still managed to siphon away funds into a cryptocurrency mixer.
Sturdy Finance Loses $800K in ETH After Falling Victim to Hack
Decentralized Finance Protocol Sturdy Finance has lost 442 Ether because of a security flaw, with the full amount valued at over $800,000. The hacker took advantage of a loophole to manipulate a flawed price oracle, which ultimately allowed him to siphon money from the protocol.
Reactions From Sturdy Finance
The blockchain security company PeckShield informed Sturdy Finance of a transaction that appeared to be connected to price manipulation on June 12. After learning of the attack a little over an hour later, the DeFi protocol responded by stopping all of its markets and assured its customers that no additional funds are at risk.
Exploiting Price Oracles
Pricing oracles play an important role in decentralized finance (DeFi) applications like Sturdy Finance by giving actual pricing data. However, they can also be targeted by hackers looking for flaws while also compromising platform security. Reentrancy attacks were used in this case to launch the attack on Sturdy Finance and extract more money than legally allowed by taking advantage of this flaw.
Siphoning Funds into Cryptocurrency Mixer
PeckShield revealed that the attacker was able to move about $800,000 worth of ETH into a cryptocurrency mixer called Tornado Cash even though there was prompt response from the DeFi lending network. The root cause for this exploit was identified as being related to its flawed price oracle.
This case serves as an example of how important it is for protocols and platforms dealing with finances to ensure their systems are secure against malicious actors who could take advantage of loopholes like these for their own benefit without much difficulty.