The Onyx crypto lending protocol was the victim of a attack and lost the equivalent of 2.1 million dollars. At issue was a flaw which had already made it possible to steal 7 million dollars on a other DeFi protocol.
Several blockchain cybersecurity startups reported this Wednesday that the Onyx decentralized finance protocol had been affected by a hack 2.1 million.
According to PeckShield, the hackers exploited a “rounding problem” that was already known and linked to a forked version of Compound V2, on which the protocol is based.
Basically, the operated oPEPE market was deployed 5 days ago without any liquidity. This empty market was abused by donations to borrow funds from other markets with liquidity. The donated funds were then repaid by exploiting the well-known rounding problem”, explained the specialist.
PeckShield pointed out that the same bug was exploited in the Hundred Finance hack. In the spring of 2022, the DeFi platform lost $7 million.
The @OnyxProtocol hack leads to ~$2.1M loss by exploiting a known rounding issue behind the popular CompoundV2 fork.
Basically, the exploited oPEPE market was deployed 5 days ago without any liquidity. This empty market was abused with donation to borrow funds from other… https://t.co/ijkXbOyYr2 pic.twitter.com/fbHdZhTz0E
– PeckShield Inc (@peckshield) November 1, 2023
For the time being, the principal concerned has not communicated on the subject.