QuillHash
Published in

QuillHash

Algorand-Based Tinyman AMM Exploited for $3.5M💰

Events Under the Spotlight

  • Stobox, a technology and consulting company’s $STOX token’s deployer address, which was the same for Ethereum and Binance Smart Chain, was compromised resulting in stolen and liquidated funds.
  • MetalandDAO, a project listed on PancakeSwap on BSC, rugged investors for more than 40 wBNB. Stolen funds were swapped for ETH.
  • Bored Bunny, an NFT project that’s collection of 4,999 unique NFTs on OpenSea, rug pulled investors for 2,000 ETH within hours of launch.
  • Later, about 800 ETH were transferred to Binance exchange.
  • Arbix Finance rug pulled investors for more than $10 Million in BUSD, BNB, BTCB, CAKE, USDC, anyUSDT and anyETH.
  • The stolen funds were sent to Ethereum using AnySwap.
  • Tinyman, an Algorand blockchain based trading platform was attacked, that cost the DeFi platform $3.5 Million.
  • The attacker exploited unknown vulnerabilities, also known as 0 dayvulnerabilities in the Tinyman smart contracts.
  • This provided unauthorised access to the platform’s liquidity pools to withdraw tokens which resulted in an increased volatile market aftermath the attack.
  • The hacker burned and swapped Pool Tokens multiple times to steal locked funds off the platform.
  • The Tinyman team later disclosed some information about the hack.
  • Vesper Finance was exploited during beta testing of its new beta Vesper Rari Fuse liquidity pool.
  • The attacker manipulated an oracle to drain $1 Million DAI, ETH, wBTC and USDC from the beta lending pool by using an out-of-market pair of VUSD/USDC.

To the Numerophiles out there 🔢

Google Trends scores for the terms “bitcoin,” “ethereum,” and “cryptocurrency.” Screenshot taken on January 7, 2022.

More From the Editor’s Desk

Owing to the large client base and their influence in different industries, the big four, namely — Deloitte, Ernst & Young (EY), Price Waterhouse Cooper LLP (PwC) and KPMG have become among the most active members of the blockchain revolution over the last couple of years.

Checkout how the inclination of Big Four towards auditing is highlighting the importance of auditing in blockchain projects.

Word on the Block

Versus Series

Catch out the Key differences between various significant terminologies in the Blockchain.

--

--

Delivering Enterprise-grade blockchain technology to leading companies worldwide.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store