0VIX, a Polygon-based lending protocol, recently suffered a significant setback after being hit by an exploit that cost the platform at least $2 million.
In response, 0VIX quickly halted its POS and zkEVM operations while it worked to address the issue and reduce the impact on its users.
The intrusion was initially reported by blockchain security firm CertiK, and was later substantiated by Arkham Intelligence.
The 0VIX protocol permits borrowing against a variety of stablecoins, including Ethereum derivatives and Polygon’s native MATIC token, as well as Aavegotchi’s staked token, vGHST.
Arkham claims that the exploiter intentionally raised the price of vGHST in order to obtain substantial USDC in loans. Once on the Ethereum (ETH) mainnet, the hacker exchanged the stablecoins for 757 ETH.
The intruder used the borrowed stablecoins to gain access to the vGHST lending pool and the 0VIX lending platform.
Pumping The Price Of GHST
Blockchain data from CoinMarketCap shows that they borrowed substantial amounts of vGHST, driving up the price of the native currency $GHST by as much as 25% in just half an hour.
The perpetrator made off with the collateral and later traded it in for more tokens.
The Aavegotchi blockchain gaming project uses vGHST as its staking token. It serves as the share token for the native Aavegotchi token, $GHST.
Blocksec, a security and auditing group, has verified that the price of vGHST was increased artificially, and that the pricing oracle was tampered with.
The hacker had used the vGHST token to exploit the protocol, according to the findings of a study by blockchain security firm PeckShield.
0VIX is working with its security partners to look into the current situation that appears to be related to vGHST.
As a result, POS and zkEVM markets have been paused; this includes pausing oToken transfers, minting, and liquidations.
Only POS has been currently affected but zkEVM…
— 0VIX | live on zkEVM (@0vixProtocol) April 28, 2023
In a statement released on April 28th, 0VIX acknowledged the issue and said it was investigating the matter with its security partners.
According to CoinGecko, the price of GHST increased from $1.13 to $1.41.
0VIX Suspends Trading
0VIX has suspended trading in POS and zkEVM because of the breach. In addition, it was stated that this would have consequences for oToken issuance, transfer, and liquidation.
Such attacks, known in the DeFi community as “price oracle manipulation hacks,” are common.
When discussing vulnerabilities in decentralized finance (DeFi) systems, the term “price oracle manipulation hacks” is often used.
DeFi platforms can get real-time data on the price of a number of cryptocurrencies and other assets through price oracles, which are external services.
Manipulating the prices reported by the oracle or compromising the oracle’s data feed are both methods of manipulating pricing oracles.
To facilitate other attacks, such as flash loans or liquidity pool exploits, attackers may use this false information to artificially inflate or deflate the price of assets.
The term “flash loan attack” is used to describe a specific kind of hack used to manipulate pricing oracles. An attacker in this scenario would borrow heavily from a DeFi platform, inflate the asset’s actual price with fabricated data, and then sell it at the inflated price.
Once the loan is paid back, the attacker keeps the proceeds.
Total market cap of cryptocurrencies as of Sunday unchanged at $1.16 trillion. Chart by TradingView.com
The Difficulty In Detection
Because of the interconnected nature of many DeFi platforms and price oracles, it can be difficult to detect and prevent manipulation attacks on these systems.
Security procedures, such as multi-signature authentication and data verification methods, should be implemented by DeFi platforms and pricing oracle providers to reduce the risk of these attacks.
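One form a data verification check can take, shown as an added example that is not 0VIX's code or any oracle provider's: compare the reported spot price with a time-weighted average (TWAP) and refuse to lend against a price that has strayed too far. The price history, the two-hour window, the 10% threshold and all function names are assumptions made for illustration; the $1.41 spot value is the GHST figure cited above.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Observation:
    timestamp: int  # seconds since the start of the sample
    price: float    # USD per token

def twap(history, now, window):
    """Time-weighted average price over the last `window` seconds."""
    start, total, covered = now - window, 0.0, 0
    pts = sorted(history, key=lambda o: o.timestamp)
    for i, obs in enumerate(pts):
        # Each observed price holds until the next observation (or `now`).
        end = pts[i + 1].timestamp if i + 1 < len(pts) else now
        lo, hi = max(obs.timestamp, start), min(end, now)
        if hi > lo:
            total += obs.price * (hi - lo)
            covered += hi - lo
    if covered == 0:
        raise ValueError("no price history inside the window")
    return total / covered

def check_oracle_price(spot, history, now, window=7200, max_deviation=0.10):
    """Return (accepted, deviation, collateral_price) for a reported spot price."""
    reference = twap(history, now, window)
    deviation = abs(spot - reference) / reference
    # Value collateral at the lower figure so a pumped price cannot raise borrowing power.
    return deviation <= max_deviation, deviation, min(spot, reference)

# Constructed history (assumption): the token trades near $1.13 for two hours.
HISTORY = [Observation(0, 1.13), Observation(3600, 1.14), Observation(5400, 1.13)]

if __name__ == "__main__":
    for spot in (1.15, 1.41):  # ordinary drift vs. the jump the article cites
        ok, dev, price = check_oracle_price(spot, HISTORY, now=7200)
        action = "accept" if ok else "pause borrowing against this asset"
        print(f"spot ${spot:.2f}: deviation {dev:.1%}, value at ${price:.4f} -> {action}")
```

A TWAP only resists short-lived spikes; a price held at a manipulated level for longer than the window will pass this check, so it complements rather than replaces independent price sources.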
Official message to the attacker:
At 8am UTC 1 May 2023 the law enforcement process is scheduled to begin in the absence of any funds being returned.
We’ll take the leads we’ve gotten so far (thanks to the public for those), combine it with our tracing we’ve already done on…— 0VIX | live on zkEVM (@0vixProtocol) April 29, 2023
Meanwhile, the 0VIX protocol has released a statement, which warns the perpetrators that authorities will get involved if they don’t respond.