ChainSwap, a decentralized protocol that bridges the gap between Ethereum and BSC, was the victim of a security exploit that cost the platform $8 million.
On Twitter, the developer blockchain known as n30, reported that the decentralized finance protocol (DeFi) ChainSwap, had suffered an exploit over the weekend. According to reports, an attacker manipulated the protocol to take control over the ChainSwap contract and thus be able to extract value from it. The attack affected other DeFi protocols that used ChainSwap as a bridge to interact between the BSC and Ethereum chains.
n30, who is a developer of Wilder World, indicates that the hacker managed to mint and extract 20 million WILD tokens through the exploited vulnerability in ChainSwap.
On Twitter, n30 explained that the attacker executed 40 transactions to mint 500.000 WILD tokens in each, which he then sold for 652,4 WBNB tokens, valued at around $207.216 at the time of the attack. As he explains, this resulted in almost all available liquidity in the WILD/BNB pool being drained.
Other protocols affected by the ChainSwap exploit were Antimatter, Optionroom, Umbrellabank, Nord, Razor, Peri, Unido, Oro, Vortex, Blank, and Unifarm. These, like Wilder World, used ChainSwap to interact in the DeFi ecosystem and perform token swaps on DEXs such as PancakeSwap.
At the time of writing, Wilder World has reported that the protocol is safe to use on the Uniswap decentralized exchange. It also warns users not to interact with the protocol from BSC or PancakeSwap.
It may interest you: $3 million stolen from Bogged Finance and DeFi total losses of $106 million in hacks this month
ChainSwap loses $8 million in hack
The security exploit left ChainSwap with $8 million less in its balances. The development team confirmed the attack via Twitter, informing users that it is not safe to use the protocol. At the time of the exploit, the developers warned that the hack directly affected the protocol, so they decided to temporarily withdraw liquidity to minimize losses. Due to this action, many users will not be able to see their real balances in their accounts, which will be displayed at $0.
However, by the time of this writing, they have already informed in another tweet that the balances have been restored; although the withdrawal and sending functions remain disabled.
This attack highlights that decentralized finance remains in the crosshairs of those looking for easy money, meaning DeFi is still far from a safe place for less daring investors.
2 exploits in less than 15 days
On the other hand, ChainSwap suffers its second exploit just days after being the victim of another hack that stripped it of $800.000. On July 2, a vulnerability present in the code of this protocol allowed an attacker to extract part of its liquidity. However, the developers' response was quick, so they were able to block the hackers' addresses and negotiate with them to recover the funds. The project issued a report stating that tokens stolen from affected users would be returned. It also reported on a compensation and bonus plan that would be launched in the coming days.
The developers assured that they will hire several auditing firms to verify and protect the protocol, to ensure its development. In addition, they are preparing for the launch of ChainSwap V2 in the coming months.
At press time, CoinGecko shows that ASAP, the native token of the ChainSwap protocol, is trading at a value of $0,20 per unit, representing an incredible 7.000% recovery after its drop to $0,0035 on the day of the exploit.
Continue reading: More than 2 million users have used DeFi since 2018, GlassNode reveals
