Dough Finance flash loan attack: What we know so far – CoinJournal | CPT PPP Coverage
Cryptopolytech (CPT) Public Press Pass (PPP)
News of the Day COVERAGE
200000048 – World Newser
•| #World |•| #Online |•| #Media |•| #Outlet |
View more Headlines & Breaking News here, as covered by cryptopolytech.com
Dough Finance flash loan attack: What we know so far – CoinJournal appeared on coinjournal.net by Charles Thuo.
- Dough Finance lost $1.8M in a flash loan attack due to smart contract vulnerability.
- Attacker exploited unvalidated calldata stealing USDC before converting the assets into 608 ETH.
- Users urged to withdraw funds to secure wallets.
Dough Finance has fallen victim to a significant flash loan attack, resulting in a staggering loss of digital assets worth approximately $1.8 million.
The attack, which exploited vulnerabilities in the protocol’s smart contract, highlights ongoing security challenges within the cryptocurrency space, and specifically within the DeFi space.
What happed in the Dough Finance attack?
The attack, detected on July 12 by Web3 security firm Cyvers, targeted Dough Finance’s “ConnectorDeleverageParaswap” smart contract.
This contract, designed to facilitate transactions within the DeFi platform, failed to adequately validate call data during flash loan executions giving the attacker a chance to manipulate transaction details and illegally transfer of 608 Ether (ETH), valued at approximately $1.8 million at the time of the attack.
The funds, originally in the form of USD Coin (USDC), were swiftly converted into ETH using the zero-knowledge protocol Railgun, complicating efforts to trace and recover the stolen assets.
Who were affected by the flash loan attack?
The Dough Finance flash loan attack primarily affected users who had funds deposited in the exploited contract of Dough Finance.
While the lending pools of Aave, another prominent DeFi platform, remained unaffected, the incident underscores the vulnerability of smart contracts and the potential risks associated with decentralized finance protocols.
Security experts, including Olympix, emphasized the importance of users withdrawing their funds to secure wallets and refraining from interacting with Dough Finance until the platform issues clear guidance on safety measures.
Attention @DoughFina Users: Exploit Alert!
Dough finance has been exploited for roughly ~$1.8 million in USDC! Here’s a breakdown of the situation based on available information:
?What Happened?
The exploit stemmed from unvalidated calldata within the… pic.twitter.com/NBcCwsMl10
— Olympix (@Olympix_ai) July 12, 2024
Remarkably, the attack on Dough Finance adds to a concerning trend of security breaches plaguing the cryptocurrency industry in 2024.
According to a recent report by CertiK, on-chain attack incidents have already led to losses exceeding $1.19 billion in the first half of the year, with phishing attacks and private key compromises contributing significantly to these figures.
FEATURED ‘News of the Day’, as reported by public domain newswires.
View ALL Headlines & Breaking News here.
Source Information (if available)
This article originally appeared on coinjournal.net by Charles Thuo – sharing via newswires in the public domain, repeatedly. News articles have become eerily similar to manufacturer descriptions.
We will happily entertain any content removal requests, simply reach out to us. In the interim, please perform due diligence and place any content you deem “privileged” behind a subscription and/or paywall.
CPT (CryptoPolyTech) PPP (Public Press Pass) Coverage features stories and headlines you may not otherwise see due to the manipulation of mass media.
First to share? If share image does not populate, please close the share box & re-open or reload page to load the image, Thanks!