A scorching hot decentralized finance (DeFi) hack summer continues, with the latest in a string of at least eight protocols to fall victim to an exploit since early June being Acala Network - and it is at least the fourth one in August alone.
The incident saw the network's Polkadot (DOT)-based stablecoin Acala Dollar aUSD lose its dollar peg and plunge by more than 99%. On Monday morning at 7:20 UTC, aUSD is trading at USD 0.00898, down by 9% over the past 24 hours and 99.1% in a week, according to CoinGecko.
Meanwhile, Acala (ACA) token is down 7.5% in a day and 18% in a week, trading at USD 0.267.
Acala Dollar (AUSD) 7-day price chart:
What led to this is that over the weekend, bad actors had managed to exploit a vulnerability in the Acala network's newly-deployed iBTC-aUSD liquidity pool to issue more than a billion aUSD tokens, Acala’s native stablecoin.
At the time of writing, the wallet believed to belong to the attacker contains aUSD 1.267bn.
Acala's official Twitter account confirmed the hack. "We have identified the issue as a misconfiguration of the iBTC/aUSD liquidity pool (which went live earlier today) that resulted in error mints of a significant amount of aUSD."
The misconfiguration has since been rectified and wallet addresses that received the errorneously minted aUSD have been identified, with on-chain activity tracing in respect of these addresses underway2/
In a follow-up tweet, the team claimed that they have "rectified" the issue and also identified the wallet addresses that "that received the erroneously minted aUSD," saying that they will be tracing their on-chain activity.
"Based on preliminary on-chain tracing, 99%+ of the erroneously minted aUSD remain on Acala parachain with a small proportion of
Read more on cryptonews.com