ARB
by BSCN
January 22, 2024
The attack exploited a "social engineering attack" to compromise the private key for the protocol's deployer account, allowing the perpetrator to upgrade vaults, mint new LP tokens, and drain assets from the vaults.
ConcentricFi, a decentralized finance platform on the Arbitrum network, has confirmed a substantial security breach resulting in losses totaling approximately $1.8 million.
The attacker employed a "social engineering attack" to compromise the private key for the protocol's deployer account. Subsequently, the compromised key was utilized to execute actions such as upgrading the vaults, minting new LP tokens, and draining the vaults of their assets, according to statements from the ConcentricFi team.
In response to the breach, ConcentricFi advised users to revoke approvals from all vault addresses listed in the protocol's documents.
According to blockchain security platform CertiK, over $1.8 million has been lost in the attack so far. The attacking wallet has been linked to a wallet involved in the OKX decentralized exchange exploit on December 13, suggesting a potential connection between the two incidents.
Utilizing a Concentric contract's adminMint function, the attacker minted CONE-1 tokens and then used the "burn" function to redeem these tokens for AlgebraPool funds. This process was repeated multiple times, allowing the attacker to acquire various ERC-20 tokens later exchanged for Ether.
ConcentricFi issued a warning, urging users to refrain from interacting with the protocol due to the ongoing security incident. The Concentric team has initiated an investigation and committed to providing a post-mortem report with a plan to address the identified vulnerability.
The announcement of the breach had an immediate impact on the market, with Concentric.fi (CONE) prices experiencing a sharp decline of 60% and trading at $0.7571.
Disclaimer
Disclaimer: The views expressed in this article do not necessarily represent the views of BSCNews. The information provided in this article is for educational and informational purposes only and should not be construed as investment advice. BSCNews assumes no responsibility for any investment decisions made based on the information provided in this article
Latest News
4h : 43m ago
Binance Labs' New Investment: What is Perena?
7h : 28m ago
Arbitrum Foundation and Ubisoft Team Up to Launch Netflix Series-Inspired Web3 Shooter Game
8h : 58m ago
Brian Quintenz Emerges as Front-Runner for CFTC Chair Role Under Trump
December 11, 2024
Circle and Binance Form Strategic Partnership to Drive Global Adoption of USDC
December 11, 2024
Coinbase Institutional Integrates Chainlink into Project Diamond for Secure Tokenized Asset Management
December 11, 2024
Ripple's RLUSD Stablecoin Receives NYDFS Approval, Launch Imminent
December 10, 2024
Baby Doge Coin Hits All-Time High, Surpasses $1B Market Cap
December 10, 2024
Floki Launches Crypto Debit Card in 31 European Countries with Mastercard Partnership