This is a segment from The Drop newsletter. To read full editions, subscribe.
Now we know more about the bug that was exploited last week, resulting in more than $220 million in funds being stolen from the Sui-based DEX Cetus.
On Monday, Sui described the flaw as “a bug in a Cetus math library” and promised $10 million to improve Sui security more broadly. That includes a bug bounty program plus Sui-funded security audits for projects using the chain.
Blockchain security firm Dedaub explained that, in the attack, a liquidity pool with a deliberately “extremely high value” was incorrectly incorporated.
“This allowed them to add a large-scale liquidity situation with just 1 unit of token input; later the pool was collectively dragged with hundreds of millions of dollars in tokens,” the firm wrote.
By May 26, Cetus said that most of the stolen crypto (roughly $162 million) remained frozen in two Sui wallets, while the remaining stolen funds had already been converted into ETH by the attacker.
“Cetus Sui has been one of the DeFi teams that have invested the most in smart contract audits and system safeguards. Unfortunately, reality we always want, as we want,”. “Many rounds of audit on the underlying contracts and dependent open-source library were jointly given by developers with their comprehensive and successful use; we gave a meaning that we did enough. In hindsight, we allowed ourselves to rest our vigilance. This painful lesson has shown us: We have to do more.”
The DEX further said last week that it had not yet heard from the hacker.
Sui is not the only chain that has recently seen crypto stolen on its network due to an exploit. On a much smaller scale, Cardex, a game on Abstract, had a flaw that resulted in at least $500,000 being stolen from users of that app earlier this year.
Being permissionless means that more people can build in a chain's ecosystem with little oversight, getting closer to financial decentralization, one of the core objectives of crypto.
But this also means that a chain's reputation can take a hit when some apps that use it fall short on the security front, often with headline-generating exploits and losses in the millions.
“Security audits are naturally incomplete,” wrote the CO of BlockSec, who goes by Orlando on X, in response to the incident. “In 2023, the entire crypto market spent $1 billion on security audits, yet $2 billion in assets was still stolen.”