On Thursday, March 28, a hack occurred on Prisma Finance, a decentralized lending protocol on the Ethereum community. The exploiter carted away about 3,257.7 ETH (equal to $11.6 million) through a flash mortgage assault on the protocol.
On Friday, March 29, the Prisma Finance hacker transferred among the proceeds from the theft to crypto mixer Twister Money in a number of transactions. Based on PeckShield, $2.7 million in ETH was moved in a single transaction and $3.8 million in one other.
What’s most fascinating is the hacker despatched an on-chain message barely six hours after the assault via one of many addresses linked to the heist, claiming they’re a “white hat hacker.” And the exploiter has continued to ship on-chain messages to Prisma Finance’s group for the reason that theft occurred.
Was Prisma Finance ‘Sloppy’ In The $11.6 Million Loss?
In a collection of on-chain messages, the exploiter criticized the group behind Prisma Finance for not catching the loophole within the protocol, which allowed the exploit to happen within the first place. The hacker additionally requested a web based press convention during which the protocol’s group would reveal their identification whereas apologizing and appreciating their customers and buyers.
The attacker stated within the message:
Throughout that session, it’s essential to particularly current the error you made, which social gathering audited the sensible contract, and your plan to enhance safety sooner or later (what you’ll do earlier than deploying a brand new contract, the way you react when one thing you don’t anticipate comes, and so on.).
The hacker additionally emphasised the necessity for customers to be extra cautious within the decentralized finance (DeFi) trade and when interacting with numerous sensible contracts. “I stay up for your on-line convention. After it occurs, the quantity I’d hold and the quantity that I can ship to you’ll be mentioned (keep assured, most of it might be returned), and the notes can be despatched to your e mail,” the hacker added.
A specific accusation that caught the attention within the hacker’s newest message is that “no skilled builders can simply make that mistake.” The attacker stated that if they’d not exploited the loophole within the sensible contract, it might have been the “excellent backdoor” for the protocol’s group.
As of this writing, Prisma Finance has paused all operations on its protocol. In the meantime, the full worth locked (TVL) on the platform stands at about $85.65 million, down by 61% for the reason that hack.
Crypto Hack Losses Witness Decline In 2024 Q1: Report
In a brand new report by Immunefi, the cryptocurrency trade suffered comparatively fewer losses on account of hacks and scams within the first quarter of 2024. In comparison with 2023’s first quarter, the worth misplaced to exploits and cyber assaults is down by 23%.
Whole hack incidents within the first quarter of 2024 | Supply: Immunefi
Based on the blockchain safety agency, roughly $336.3 million was misplaced to hacks and scams within the first quarter of 2024. Particularly, Immunefi recognized 46 hacking incidents and 15 instances of fraudulent actions.
Moreover, the report revealed that DeFi protocols are nonetheless the first targets for cyber attackers, accounting for all of the reported hack incidents in Q1. Notably, the cross-chain protocol Orbit Bridge suffered the most important exploit prior to now three months, dropping about $82 million on January 1.
Whole cryptocurrency market cap at $2.581 trillion on the day by day timeframe | Supply: TOTAL chart on TradingView
Featured picture from Medium, chart from TradingView