Prior to the execution of the exploit, these monies were then transferred to the Fantom network.
Source: The Crypto Times
Digital assets worth over $7 million were stolen because of a vulnerability on the Fantom chain that affected the decentralized lending platform of Polter Finance.
On November 17, the platform verified the vulnerability, stating that the attacker started the hack with money that was initially got through Ethereum’s Tornado Cash.
Information About the Exploit
The hack was initiated after the attacker received funding using Tornado Cash, an Ethereum privacy-preserving platform. They then transferred the cash to the Fantom network, launching the attack while maintaining the chain’s secrecy and interoperability. The fraudulent transaction logged in FTMScan exploited weaknesses in the Polter Finance system to siphon a significant quantity of cash.
Operations at Polter Finance Are Paused
Polter Finance declared that they have paused the platform in a post on X. After discovering an exploit, they took this action to stop additional harm. The team also informed of the breach important bridge operators.
“We located the wallets that were involved and linked them to Binance.” Our investigation into the exploit’s nature is ongoing. We’re currently getting in touch with the authorities,” the team added.
The team has communicated with the exploiter on-chain, stating that they are open to a negotiation and will not take legal action if the hacker restores the money that was stolen.
Polter Finance negotiates with the hacker through an onchain message. Source: Polter Finance
Meanwhile, a weakness known as an “empty market” problem was blamed for the tragedy by some analysts. A flaw in DeFi platforms or smart contracts is referred to as an empty market vulnerability. Attackers take advantage of this vulnerability when market activity or liquidity is extremely low. Attackers can more easily alter prices, deceive the platform, or take advantage of its computations.
However, another researcher asserted it was a “faulty oracle price” rather than an empty market problem.
Cryptocurrency Hacks Are Increasing
The recent event coincides with an increase in phishing attacks that are affecting the blockchain sector. Phishing-related losses in 2024 topped $800 million, according to blockchain security company CertiK, and were caused by more advanced hacking methods.
According to CertiK, there have been 247 phishing events reported so far in 2024, with the most attacks (82 cases) occurring in the first quarter.
Hackers have been changing their strategies, combining more conventional techniques with innovative tools like Angel Drainer and Pink Drainer. The acquisition of Inferno Drainer by Angel Drainer is noteworthy because it portends the emergence of more effective phishing tactics.
