[
On Thursday, March 28, a hack occurred on Prisma Finance, a decentralized lending protocol on the Ethereum community. The exploiter withdrew roughly 3,257.7 ETH (equal to $11.6 million) by means of a flash mortgage assault on the protocol.
On Friday, March 29, the Prisma Finance hacker transferred a number of the proceeds from the theft to crypto mixer Twister Money in a number of transactions. In keeping with PeckShield, $2.7 million ETH was transferred in a single transaction and $3.8 million in one other.
Most apparently, the hacker despatched an on-chain message through one of many addresses related to the heist barely six hours after the assault, claiming that they have been “white hat hackers.” And because the theft, the exploiter has continued to ship on-chain messages to the Prisma Finance staff.
Was Prisma Finance 'blatant' in $11.6 million loss?
In a sequence of on-chain messages, the exploiter criticized the staff behind Prisma Finance for not catching the flaw within the protocol that allowed the exploit to happen within the first place. The hacker additionally requested a web based press convention by which the protocol's staff would reveal their id whereas apologizing and appreciating their customers and traders.
The attacker mentioned within the message:
Throughout that session, you’ll particularly be requested to establish the error you made, which social gathering audited the good contract, and your plan to enhance safety sooner or later (together with what you’ll do earlier than deploying the brand new contract in case you encounter such an issue). How do you react when one thing you don't count on arrives, and many others.).
The hacker additionally careworn the necessity for customers to be extra cautious within the decentralized finance (DeFi) business and when interacting with varied good contracts. “I look ahead to your on-line convention. After this occurs, the quantity I’ll maintain and the quantity I can ship you may be mentioned (relaxation assured, most of will probably be returned), and the notes shall be despatched to your electronic mail,” the hacker mentioned.
One specific allegation that caught everybody's consideration within the hacker's newest message is that “No skilled developer might simply make that mistake.” The attacker mentioned that if they’d not exploited a flaw within the good contract, this might have been a “good backdoor” for the protocol's staff.
On the time of this writing, Prisma Finance has halted all operations on its protocol. In the meantime, the entire worth locked (TVL) on the platform is roughly $85.65 million, down 61% because the hack.
Crypto hack losses see decline in first quarter of 2024: Report
In a brand new report from ImmuneFi, the cryptocurrency business suffered comparatively little loss as a consequence of hacks and scams within the first quarter of 2024. In comparison with the primary quarter of 2023, the worth misplaced from exploits and cyber assaults has decreased by 23%.
Complete hack incidents within the first quarter of 2024 | Supply: Immunefi
In keeping with the blockchain safety agency, round $336.3 million was misplaced from hacks and scams within the first quarter of 2024. Particularly, ImmuneFi recognized 46 hacking incidents and 15 instances of fraudulent actions.
Moreover, the report revealed that DeFi protocols are nonetheless the first targets for cyber attackers, accounting for the entire hack incidents reported in Q1. Particularly, the cross-chain protocol Orbit Bridge suffered the most important exploit previously three months, shedding practically $82 million on January 1.
Complete cryptocurrency market cap at $2.581 trillion on the every day timeframe | Supply: TOTAL chart on TradingView
Featured picture from Medium, chart from TradingView