Attacker Exploits Rounding Issue to Steal $2.1 Million From Onyx Protocol
DeFi project Onyx Protocol has fallen victim to a security breach, losing more than $2 million worth of crypto assets.
According to a recent post by blockchain security firm Polyzoa, the attacker exploited a rounding issue within the Onyx Protocol to steal $2.1 million worth of funds from the platform.
“The attacker exploited this issue to steal $2.1M from the oPEPE market, which had been deployed just five days prior with no liquidity,” the post read.
To execute the exploit, the attacker initiated their scheme by making a seemingly innocuous donation of a small sum to the oPEPE market.
This enabled them to borrow a substantial amount of funds from other markets that possessed ample liquidity. The donated funds were utilized as collateral for the borrowing process.
“The attacker then redeemed the borrowed funds, exploiting the rounding issue to make a profit.”
It is worth noting that this attack bears similarities to the exploit employed in the Hundred Finance hack.
In that instance, the attacker manipulated interest rates to borrow a higher sum than anticipated, ultimately achieving their malicious objectives.
Onyx Protocol is a blockchain-based technology company that claims to provide a wiser economic model.
The project creates cryptographic ledgers and cloud infrastructure that supports Web3 services and financial products.
Onyx Protocol has not yet addressed the attack.
An attacker exploited a known rounding issue in the Onyx Protocol to steal $2.1M.
The Onyx Protocol hack was the result of a known rounding issue in the popular CompoundV2 fork. The attacker exploited this issue to steal $2.1M from the oPEPE market, which had been deployed just…
— Polyzoa (@Polyzoa_xyz) November 1, 2023
Just yesterday, MetaMask announced that it
Read more on cryptonews.com
