Hackers stole another $390,000 from a second DeFi altcoin project just days after the $180 million Euler Finance attack. The price of the DeFi token was reset for minutes.
Second altcoin hack in last two days: $390,000 stolen
Web3 projects pre-sale platform Poolz Finance (POOLZ) fell victim to a $390,000 hack on the Binance Smart Chain and Polygon networks, according to an alert issued by blockchain security firm PeckShield on the day.
On March 15, hackers exploited an arithmetic overflow issue in Poolz Finance, stealing hundreds of thousands of dollars in cryptocurrencies, causing the platform to lose more than 93% of the value of the native POOLZ token.
Autopsy report of Poolz Finance (POOLZ) hack
According to PeckShield, the initial analysis points to an arithmetic overflow issue with Poolz Finance. In computer science, it is a larger computing efficiency issue versus relatively smaller storage system. Meanwhile, PeckShield identified a pattern repeated by the same sender in the Token Vesting contract.
Poolz is a cross-chain IDO platform. Its infrastructure allows crypto projects to raise funds before they go public. However, the POOLZ price has lost more than 95% after the day’s hack. POOLZ’s current $0.19 price is 99% lower than ATH. About two years ago, in April 2021, POOLZ reached its peak price of $50.89.
Euler Finance was the first victim
As we quoted as Kriptokoin.com, hackers took advantage of a vulnerability in the DeFi protocol Euler Finance on March 13. Hackers seized more than $195 million in cryptocurrencies from the platform in a flash loan attack. Following this, Euler sent the hacker an on-chain message: “If 90% of the money is not returned within 24 hours, we will launch a $1 million bounty tomorrow for information leading to your arrest and the full refund of your money”.
DeFi altcoin market lost $3.8 billion to hackers during 2023
In February, Platypus lost more than $8.5 million in a flash loan attack. According to a report by Chainalysis, 2022 lost $3.8 billion worth of cryptocurrencies, making it the biggest year for hacking. Most of this money came from DeFi protocols.
According to David Schwed, Director of Operations at blockchain security firm Halborn, these are based on a Web2 attack model. “Most of the attacks we see are not necessarily web3-driven, key theft attacks,” he said in a conversation with Chainalysis. These are traditional Web2 attacks with web3 implications.”