Layer 1 Elrond network hacked and over $1.65 million worth of tokens stolen and was thrown into the market, causing a massive 95% drop in the EGLD token, Wu Blockchain reports. The attack was allegedly aimed at a certain exchange.
There are at least three addresses associated with the exploit, ending with f854j, fu950 and 4ww0rt. These addresses were created simultaneously and funds were received from the Binance exchange. After receiving some money from the exchange, they have deployed a smart contract with a “deployment” function.
A security breach occurred in Elrond, an L1 network. The hackers got around $1.65 million worth of EGLDs for free, and sold them through Maier DEX, resulting in a 92% drop. Currently, the authorities have suspended the DEX and related APIs. https://t.co/Odv0Yi0JQV— Wu Blockchain (@WuBlockchain) 7 June 2022
Over the next hour, a new operation with the Withdraw function took place, after which the hackers received $1.65 million worth of tokens. Unfortunately, it is not clear how hackers could withdraw such huge amounts of money with just one operation.
Some developers provided their own version of the hack that relies on flaws in the liquidity of wEGLD and EGLD smart contracts. However the loophole is not clear, as it may be linked to the exchange or the network side.
After stealing funds, hackers are trying to hide their tracks by deliberately creating new addresses and moving funds from one network to another. Unfortunately for them, it is nearly impossible to make money disappear without using coin mixing solutions.
Fortunately, 95% was only present on the EGLD/USDC trading pair as the EGLDUSDT trading pair on the KuCoin cryptocurrency exchange remained intact with no unusual volatility on the charts.
Reportedly, DEX’s API has been prevented from determining the actual cause of the exploit and working towards refunding the money or recovering the damages. If hackers decide to withdraw their funds using the USDC stablecoin, they may fail due to the centralized nature of the coin.