- Attackers stole approximately $1.8 million from Dough Finance.
- This attack exposed several security issues in the platform.
- Not all Dough Finance users were affected.
In a shocking turn of events, a flash loan attack hit some Dough Finance users hard, stealing thousands of dollars. On June 12, 2024, Cyvers, a security company that provides real-time detection and prevention of cryptocurrency attacks, detected suspicious activity on the protocol.
As soon as the company noticed the unusual activity, it contacted Aave, the lending protocol, to determine what impact the hackers had.
While Aave has confirmed that its pools were intact and unaffected, Dough Finance, a liquidity protocol on the Ethereum network, was the hardest hit by the attack.
Not all Dough Finance users were affected. Only those with funds tied to the affected smart contract were affected. Despite the losses, is includedMany Dough Finance users are still concerned about the safety of their funds and the continued use of decentralized finance (DeFi) protocols.
all small A vulnerability in Dough Finance’s smart contract, “ConnectorDeleverageParaswap,” gave the hackers the advantage they needed: they were able to manipulate the contract by failing to validate the data received during a call for a flash loan. Basically the contract is failed to properly check or crosscheck data.
The theft occurred when the attacker swapped existing Ether (ETH) for stolen USDC, which was much less valuable. This manipulation allowed the hacker to steal approximately $1.8 million worth of ETH.
The attackers attacked the platform multiple times, resulting in even greater losses. The second attack resulted in losses of over $140,000. The Dough Finance team is currently investigating the cause of the attack and the extent of its impact. Working Strengthens the security of the platform.
Some security experts have advised Dough Finance users to consider moving their funds to other platforms or wallets until the team confirms the platform’s security. Users have also been advised to consider moving their funds to other platforms or wallets until the team confirms the platform’s security. smart Now we have a contract to protect our assets.