What's Hot

    Ripple (XRP): Launch of the CBDC Innovate Challenge

    June 30, 2022

    a very unprofitable cryptocurrency

    June 30, 2022

    Elrond (EGLD) creates an NFT platform for Romania

    June 30, 2022
    Facebook Twitter Instagram
    Facebook Twitter Instagram
    THECRYPTNEWS
    • Home
    • News
    • Guides
    • NFT
    • Analysis
    THECRYPTNEWS
    Home » Hacked Grim Finance’s Auditors Blame New Analyst For Missing the Issue
    News

    Hacked Grim Finance’s Auditors Blame New Analyst For Missing the Issue

    AdminBy AdminDecember 20, 2021No Comments3 Mins Read
    Share
    Facebook Twitter LinkedIn Pinterest Email


    Source: AdobeStock Rawpixelcom

    Auditors of the decentralized finance (DeFi) platform Grim Finance, which was exploited for USD 30m worth of digital assets on Sunday, claim that a new analyst had conducted the protocol’s audit while their Chief Technology Officer (CTO) was on vacation.

    On December 19, Grim Finance informed users that the project was exploited by an external hacker. “The attacker attacked using the function titled beforeDeposit () from our vault strategy entering a malicious token contract,” the team detailed.

    Approximately four months ago, Grim Finance was audited by Solidity Finance, a smart contract auditing service. The service said that the issue slipped through their auditing process as they were overwhelmed by the number of projects and busy onboarding new analysts.

    “When conducting the Grim Finance audit ~ 4 months ago, our firm was experiencing rapid growth and hiring. This audit was performed by an analyst who was new to the team & while our CTO was on vacation; and unfortunately this issue was not caught in our peer review process, “Solidity Finance said.

    According to Rugdoc.io, a DeFi watchdog, the Grim Finance hacker used a reentrancy attack, faking additional deposits into a vault while an initial transaction was still going. This way, they managed to withdraw more funds than they had truly deposited into the vault.

    Rugdoc.io also criticized Grim Finance over its weak security measures, suggesting that the project should have used a reentrancy guard, which can prevent more than one function from being executed at a time by locking the contract.

    “Hopefully all projects can draw lessons from this incident that there is much knowledge most experienced solidity devs have at hand,” Rugdoc.io tweeted. “If you haven’t acquired this yet, don’t build multi-million dollar projects. Don’t get audits from companies which everyone knows are useless.”

    Following the hack, the Grim Finance team said that the vaults have been paused “to prevent any future funds from being placed at risk” and recommended users withdraw their funds as all of the vaults and deposited funds are at risk.

    “We have contacted and notified Circle (USDC), DAI, and AnySwap regarding the attacker address to potentially freeze any further fund transfers, “the team said.

    Meanwhile, the project’s native token GRIM plunged by 81.2% at the early hours of the hack, falling from nearly USD 0.8 to USD 0.15, according to CoinGecko. At 10:07 UTC, the coin is up 3.3% over the past 24 hours, and down 55% over the past week, trading at USD 0.25.

    ____

    Learn more:

    – Crypto Security in 2022: Prepare for More DeFi Hacks, Exchange Outages, and Noob Mistakes
    – What Did We Learn from the MonoX Hack?

    – Hacked Vulcan Forged Says It Has Refunded ‘the Majority’ of Affected Users
    – Hacked AscendEX to Reimburse Users, Says ‘Relatively Small Percentage’ Impacted

    – Hacked Bitmart to Compensate Crypto Traders After USD 200M Loss
    – Badger DAO Appears to Have Lost Over USD 120M in an Attack



    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Admin
    • Website

    Related Posts

    Work on a Multi-CBDC Platform Has Revealed ‘More Questions Than Answers’ – BIS

    March 22, 2022

    Japan’s Crypto Exchanges Set to Speed ​​Up and Simplify Crypto Listing Process

    March 22, 2022

    Crypto Donations To ‘Freedom Convoy’ Evade Government Seizure

    March 22, 2022

    DeFiance Founder’s USD 1.76M Loss is a Lesson For NFT Investors

    March 22, 2022
    Add A Comment

    Leave A Reply Cancel Reply

    Recent Posts

    • Ripple (XRP): Launch of the CBDC Innovate Challenge
    • a very unprofitable cryptocurrency
    • Elrond (EGLD) creates an NFT platform for Romania
    • Warren Buffet: His bank Nubank becomes conducive to cryptocurrency trading
    • Vitalik Buterin explains why and how he created Ethereum (ETH)

    Recent Comments

    No comments to show.

    Subscribe to Updates

    Get the latest sports news from THECRYPTNEWS.

    Advertisement

    Archives

    • June 2022
    • May 2022
    • April 2022
    • March 2022
    • February 2022
    • January 2022
    • December 2021

    Categories

    • Analysis
    • Guides
    • News
    • NFT

    The leader in news and information on cryptocurrency, digital assets and the future of money, THECRYPTNEWS is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies.
    We're social. Connect with us:

    Facebook Twitter Instagram Pinterest YouTube WhatsApp Reddit
    Top Insights

    Ripple (XRP): Launch of the CBDC Innovate Challenge

    June 30, 2022

    a very unprofitable cryptocurrency

    June 30, 2022

    Elrond (EGLD) creates an NFT platform for Romania

    June 30, 2022
    Get Informed

    Subscribe to Updates

    Get the latest creative news from THECRYPTNEWS

    Facebook Twitter Instagram Pinterest
    • Home
    Copyright © 2021 Thecryptnews.com

    Type above and press Enter to search. Press Esc to cancel.

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
    CookieDurationDescription
    cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
    cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
    cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
    cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
    cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
    viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
    Functional
    Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
    Performance
    Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
    Analytics
    Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
    Advertisement
    Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
    Others
    Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
    SAVE & ACCEPT

    DMCA - Terms and Conditions - Privacy Policy