Article Reading Time:
1 min.
According to PeckShield, a cybersecurity company, the attackers exploited a migration bug in Team Finance's smart contracts.
In this way , the hackers were able to gain access to the locked liquidity tokens and withdraw them to their addresses. The vulnerability made it possible to manipulate the price of liquidity tokens during migration, and the hackers were able to make huge profits after the process ended. As Team Finance representatives emphasized, the migration function from the second to the third version of the protocol was audited, but the specialists did not find the vulnerability.
The attackers managed to siphon off the assets of four projects that stored funds in the Team Finance protocol: CAW (A Hunters Dream), Dejitaru Tsuka, Kondux, and Feg.CAW lost the most – hackers stole $11.5 million worth of tokens.
"We have temporarily suspended all activity through the protocol until we are sure that the vulnerability has been fixed.All funds remaining in Team Finance are not at risk," the developers emphasized.
Interestingly, the attackers used only 1.76 ETH ($2,700 ) to manipulate the price of liquidity tokens.The hackers' wallet still holds funds from the attack, including $6.43 million in the DAI stablecoin and 880 ETH ($1.36 million).
Representatives of Team Finance called on hackers to return most of the stolen goods in exchange for a reward and promises not to prosecute the attackers.This is standard practice in such cases.
Previously, the Moola Market DeFi protocol lost
assets worth $9 million during a hacker attack.
Read this:
Hacker stole $3.5 million from Nirvana Finance's DeFi project with an instant loan
PeckShield: DeFi Blur Finance project team fled with users' money
The hacker who hacked Crema Finance returned most of the funds
Hackers stole $ 35 million from the Vee Finance DeFi project
Crema Finance protocol based on Solana stopped working due to a hacker attack
The hacker stole about $1.2 million as a result of the attack on the landing project Inverse Finance