A loss of $ 55 million for bZx
The bZx decentralized loan protocol suffers a fourth attack in 2 years. This time the assailant (s) managed to steal more than $ 55 million. Blockchain security firm SlowMist has issued an alert stating that the private keys controlling the deployment of the protocol on Polygon (MATIC) and Binance Smart Chain (BSC) have been compromised.
The bZx team advised people who interacted with the protocol on these two networks to revoke the trusts as quickly as possible. bZx also stated that the protocol’s smart-contracts were not affected by this private key leak. In addition, the deployment of the project on Ethereum (ETH) would be out of reach of hackers.
At the time of publication, the loot is kept on 7 separate addresses that would be controlled by the hacker. According to the data, the address with the most funds holds around $ 18.4 million.
4th attack in 2 years
bZx suffered a total of 4 attacks in less than 2 years, losing a total of approximately $ 64 million. A sum that places the protocol in the top 5 of the greatest losses by a DeFi protocol:
Ranking of DeFi protocol losses – Source: Rekt News
Last year, bZx was the subject of two hacks. In February 2020, when the Locked-in Value (TVL) committed across all DeFi protocols was less than $ 1 billion, bZx was caught off guard by a vulnerability related to margin lending.
A vulnerability dating from September 2020 had also drained 30% of the funds blocked in the bZx protocol, or about $ 8 million. At that time the protocol was subject to a thorough audit by two security companies, Peckshield and Certik. The audits lasted 12 weeks and 7 weeks respectively.
Between the attacks, the bZx protocol had had our code re-audited by other companies, but this did not seem to have been very effective.
👉 On the same theme – A hacker steals more than $ 130 million from the Cream Finance protocol
Receive a recap of crypto news every Sunday 👌 And that’s it.
About the author: Florent David
Engaged in the crypto ecosystem since 2017. I am particularly interested in decentralized finance (DeFi), Ethereum 2.0 and non-fungible tokens (NFTs).
All articles by Florent David.