Listen up, you think the world of DeFi is all fun and games? Think again. 1inch, a major player in the DeFi space, just got hit with a $5 million hack.
But here’s the twist, they managed to recover most of it after negotiating with the hacker.
Dark pact
Negotiating with a hacker is like making a deal with the devil, but hey, it worked. The hack happened on March 5, and it was all because of an outdated smart contract.
The attacker exploited a vulnerability, which allowed them to make off with 2.4 million USDC and 1,276 Wrapped Ether tokens.
But here’s the thing, it wasn’t 1inch users who got hit, it was a third-party market maker called TrustedVolumes.
So, while users were safe, the incident still raises some serious questions about DeFi security.
Discovering weak spots
Now, you might be wondering how they managed to get the funds back. Well, it’s simple, they made a deal.
The hacker proposed a bug bounty in exchange for returning the stolen assets. It’s like a game of cat and mouse, where sometimes the mouse gets to keep a little cheese.
This isn’t the first time something like this has happened in DeFi. It’s becoming a trend, hackers returning funds after keeping a small portion as a white hat bounty.
Getting a few percent, and sleeping well is worth more than lootin’ the 100%, and becoming a target for the police.
1inch is on the right path?
But let’s not get too comfortable here. This is the second major security incident for 1inch in just six months.
Last time, it was a front-end compromise that exposed users to phishing threats. So, what’s the takeaway?
DeFi needs to step up its security game. Continuous audits, proactive monitoring, and swift action are the only ways to protect users and maintain trust in the industry.
1inch is taking steps in the right direction. They’re urging all resolvers to update to Fusion v2, which has better security measures.
But the real challenge is ongoing. As DeFi evolves, so do the risks. It’s time to get serious about security, or else we’ll keep seeing these kinds of hacks.
Have you read it yet? El Salvador’s Bitcoin rebellion is very well alive
Disclosure:This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision.
Kriptoworld.com accepts no liability for any errors in the articles or for any financial loss resulting from incorrect information.
