Hacker takes advantage of Polygon blockchain flaw
In a post on its blog, Polygon disclosed details of a recent update to its network and reported that a hacker had exploited a flaw in its protocol to steal 801,601 MATIC tokens.
On December 3, a group of ethical hackers (also called "white hats") reported to Immunefi, a platform that runs a bug bounty system, the existence of a vulnerability in the Polygon PoS Genesis contract.
The core Polygon team therefore worked closely with them in order to quickly introduce a fix.
An update was therefore carried out on December 5, at block number 22,156,660, to close the vulnerability in the MRC20 contract (a function used for gasless transactions on the network).
The initiative had no impact on the protocol or on network users. However, despite the warning from these "white hats" and a rapid intervention to correct the flaw, a hacker took advantage of the vulnerability.
The hacker stole 801,601 MATIC tokens just before the hard fork, worth almost $2 million at the current price.
The team announced that it would bear the cost of the stolen tokens, in addition to the $3.46 million bounty paid to the ethical hackers for informing the Polygon team of this flaw.
"All projects that have some success find themselves in this situation sooner or later. Importantly, it tested the resilience of our network as well as our ability to act decisively under pressure. Considering the importance of the issue, I believe our team made the best possible decisions under the circumstances," said Polygon co-founder Jaynti Kanani.
This kind of attack is not a first in this sector
Despite code audits and reviews, vulnerabilities can persist, and this unfortunately benefits hackers.
This is also not the first time that a hacker has taken advantage of a vulnerability within a protocol, especially in decentralized finance (DeFi). Recently, BadgerDAO, a DeFi protocol focused on Bitcoin (BTC), suffered a large-scale attack from a hacker: nearly $120 million was stolen through a flaw in the user interface.
Nevertheless, some hackers act benevolently by warning the company of a vulnerability in return for a reward that often comes down to a percentage of the amount stolen.
This happened in particular to the decentralized exchange THORchain, which had suffered a loss of $8 million in cryptocurrency.