Gairika Mitra
An alert issued today reports that a suspicious transaction involving Bedrock DeFi resulted in the loss of approximately $1.7 million from its UniBTC liquidity pool. The funds were allegedly sent to an address linked to Tornado Cash, a privacy-focused service, raising concerns about a potential hack or exploit.
Analytics platform Cyvers reported this move.
🚨ALERT🚨A suspicious transaction involving @Bedrock_DeFi has been detected!
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) September 26, 2024
The suspicious address funded funds by @TornadoCash, and it appears the $uniBTC pool has been drained of $1.7M. Currently, 650 $ETH (worth $1.7M) is sitting at the attacker's address: 0xEE8……980f7.… pic.twitter.com/eoc5UVjIx7
The attacker’s address, 0xEE8……980f7, currently holds around 650 ETH, equivalent to the stolen amount. Despite attempts to contact Bedrock DeFi via Telegram, no response has been received at the time of writing.
Investigations into the incident are likely underway, although official confirmation from Bedrock DeFi is yet to be issued. The decentralized finance (DeFi) platform, built on Ethereum, offers various financial services, including lending, borrowing, and liquidity provision.
The suspected attack marks another instance in a series of exploits targeting DeFi platforms this year. According to a report by Certik, the crypto and Web3 space has lost $1.6 billion.
“In just the first four months of 2022, we’ve already exceeded the total losses of 2021 ($1.3 billion) and 2020 ($516 million),” it said.
Related: Smart Contracts Are Powering a New Wave of Finance: Here’s How
Crypto suffers severe financial losses due to cyberattacks
Previously, a report from PeckShieldAlert revealed that more than ten major hacks occurred in August alone, resulting in approximately $313.86 million in stolen funds. Notably, around 93.5% of this total came from two large-scale phishing attacks, which together accounted for $293.4 million.
This trend highlights phishing as the most significant threat in August. The largest phishing incident resulted in the theft of $238 million in Bitcoin (BTC), while a second attack took $55.4 million in DAI, a widely used stablecoin.
In addition to phishing, other notable incidents contributed to the overall losses. The Ronin Network, a popular blockchain, suffered a hack that resulted in a $12 million loss, though the stolen funds were eventually returned.
Related: Chrome Extension Injects Hidden Fees Into Solana Swaps: New Report
Decentraland’s official X account, the virtual reality platform, was also hacked. The company reported on X that the hacker gained access to post, read, and send direct messages from its official account.
The security breach began with a phishing email that appeared to come from X support, containing fake login attempts. In an effort to secure the account, team members clicked a link to change the password, inadvertently falling victim to the phishing scam. This action allowed the hacker to delegate access to another user, @yeray284, who then posted from the compromised account.
Read More
- Another Security Breach: Decentraland X Account Compromised
- Security Breaches Hit Crypto Hard: $313 Million Stolen in August, Phishing Emerges as Top Threat
- Shiba Inu to Skyrocket 360%, Citing Bullish Breakout After Market-Defying Performance, Analyst Predicts
GAIRIKA
Gairika is a cryptocurrency journalist with a focus on Bitcoin and blockchain technology.
