Hack attacks are quite common for cryptocurrency businesses. It is worth noting that the PoW tokens like Bitcoin and Ethereum that require higher computing power are considered more secure in comparison to the PoS staking model currencies that rely on smart contracts. The latest mega hack attack on a DeFi project happened on a DAO-based token called DEUS.
According to the media reports, the hackers were able to get away with $13.4 million worth of DEUS tokens native to the DAO. The event is very current as it happened on the morning of the present day. It is worth mentioning that DEUS was a DAO blockchain project that allowed the users to connect with different blockchains using Layer 1 networks. The users on the network were able to access multi-chains such as Ethereum, Fantom, BNB, and a few others.
The first security audit report of the incident reveals that hackers used flash loan vulnerabilities to exploit the network. Flash loaning is a function that was introduced by the Ethereum DeFi project called Aave. In this manner, the investors were able to lend the money without any limitations or provide collateral if they were able to repay the loan amount remaining in the ongoing transaction.
The hackers used this protocol to exploit the Fantom liquidity pool and get away with stealing the massive amounts of cryptocurrencies. An important factor to take into consideration here is that several fintech auditors have marked Flash loans as dangerous due to their tendency to attract hackers in the past. PeckShield security analyst pointed out that the DEUS hackers followed in the footsteps of the hackers before them for similar heists.
PeckShield analysts also shared that the hackers were able to pump the prices of DEUS native stablecoin called DEI token. Later on, they used the artificially inflated DEI stablecoins to borrow heavily from the DAO project and offered USDC as collateral. When the hackers paid off their flash loan, they were able to make $13.4 million in profits.
DEUS Developers are Trying to Recover Funds
In the next phase of their attack, hackers transferred their earnings from Fantom and converted them into Ethereum tokens. Some amount of their steal was exchanged for Tornado Cash coin. Tornado Cash coins are privacy-efficient cryptocurrencies that are based on the Ethereum network, quite similar to Monero and due to its cognitive abilities, the token is quite popular among hackers. DEUS developers have issued a statement claiming that the funds of the users are secure, and DEI lending was temporarily disabled. Last month the DAO suffered from another $3 million flash loan attack.