DIRECTORY

  • Alerts
  • APTs
  • Blog
  • Books
  • Certifications
  • Cheat Sheets
  • Courses
  • Cyber Briefing
  • CyberDecoded
  • CyberReview
  • CyberStory
  • CyberTips
  • Definitions
  • Domains
  • Entertainment
  • FAQ
  • Frameworks
  • Hardware Tools
  • Incidents
  • Malware
  • News
  • Papers
  • Podcasts
  • Quotes
  • Reports
  • Tools
  • Threats
  • Tutorials
No Result
View All Result
  • Login
  • Register
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
Talk To An Expert
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
No Result
View All Result
Talk To An Expert
CyberMaterial
Home Incidents

$1.25 Million Stolen From New Free Dao

Reading Time: 2 mins read
in Incidents

 

An attacker stole $1.25 million worth of cryptocurrency from newly established decentralized finance protocol New Free DAO in a flash loan attack on Thursday. The thief has cashed out nearly half of the stolen funds so far.

Flash loans are fast, uncollateralized cryptocurrency loans, where a user can borrow and repay funds within one transaction. A DAO is a decentralized autonomous organization that uses blockchain to facilitate self-enforcing rules or protocols to carry out transactions.

The Thursday attack resulted in a sharp drop in the platform’s native token $NFD, whose value slumped more than 99% compared to a day ago. Its value had not recovered on Friday at the time of writing this story.

New Free DAO was established less than two weeks ago but had accumulated enough money to permit huge losses once exploited, says Ronghui Gu, CEO and co-founder of blockchain security company CertiK.

The attacker exploited a vulnerability on an unverified rewards smart contract on the BSC blockchain to carry out the attack, CertiK says in a blog post detailing the incident. The attacker first deployed a malicious contract, made themselves a member of the contract and executed functions that resulted in the contract erroneously releasing funds that did not belong to the attacker.

The attacker currently holds $1.13 million worth of cryptocurrency in their wallet and moved $111,544 to sanctioned cryptocurrency mixer Tornado Cash.

The blockchain security company could not ascertain the attacker’s identity but said that the individual was also behind another malicious flash loan exploit on $N3DR, which resulted in the loss of cryptocurrency worth $297,000 at the time.

 

READ FULL ARTICLE
Tags: BlockchainCertiKCryptocurrencyDecentralized Financeflash loan attackIncidents 2022New Free DAONFDSeptember 2022Stolen fundsVulnerability
ADVERTISEMENT

Related Posts

HTX Loses $7.9M in ETH Hack

HTX Loses $7.9M in ETH Hack

September 27, 2023
Kuwait Ministry of Finance Ransomware

Kuwait Ministry of Finance Ransomware

September 27, 2023
PhilHealth Hit by Ransomware Attack

PhilHealth Hit by Ransomware Attack

September 27, 2023
Killnet Targets Lockheed Martin

Killnet Targets Lockheed Martin

September 27, 2023

More Articles

Tutorials

How to create aliases to protect your real email on Microsoft Outloook

March 13, 2023
News

North Korea’s Persistent Crypto Threat

August 21, 2023
Incidents

Data from Oath Keepers leaked online after alleged hack

September 27, 2021
Education

Security & Safety Challenges in a Globalized World

January 20, 2022
Alerts

Massive Campaign Uses Hacked WordPress Sites as Platform for Black Hat Ad Network

January 25, 2023
Alerts

Chrome Security Update: Version 114 Released

June 1, 2023
Book

Invasion of Privacy: Hacking the Celebrity Code

November 17, 2021
News

Proposal for National Cyber Alert System

September 15, 2023
Load More

Security through data

Cybersecurity Domains

  • API Security
  • Business Continuity
  • Career Development
  • Compliance
  • Cryptography
  • HSM
  • KPIs / KRIs
  • Penetration Testing
  • Shift Left
  • Vulnerability Scan

Emerging Technologies

  • 5G
  • Artificial Intelligence
  • Blockchain
  • Cryptocurrency
  • Deepfake
  • E-Commerce
  • Healthcare
  • IoT
  • Quantum Computing

Frameworks

  • CIS Controls
  • CCPA
  • GDPR
  • NIST
  • 23 NYCRR 500
  • HIPAA

Repository

  • Books
  • Certifications
  • Definitions
  • Documents
  • Entertainment
  • Quotes
  • Reports

Threats

  • APTs
  • DDoS
  • Insider Threat
  • Malware
  • Phishing
  • Ransomware
  • Social Engineering

© 2023 | CyberMaterial | All rights reserved.

World’s #1 Cybersecurity Repository

  • About
  • Legal and Privacy Policy
  • Site Map
No Result
View All Result
  • Alerts
  • Incidents
  • News
  • Audience
    • Cyber Citizens
    • Cyber Professionals
    • Institutions
  • Highlights
    • Blog
    • CyberDecoded
    • Cyber Review
    • CyberStory
    • CyberTips
  • Cyber Risks
    • Alerts
    • Attackers
    • Domains
    • Incidents
    • Threats
  • Opportunities
    • Events
    • Jobs
  • Repository
    • Books
    • Certifications
    • Cheat Sheets
    • Courses
    • Definitions
    • Frameworks
    • Games
    • Hardware Tools
    • Memes
    • Movies
    • Papers
    • Podcasts
    • Quotes
    • Reports
    • Tutorials
  • Report Cyber Incident
  • GET HELP
  • Contact Us

Subscribe to our newsletter

© 2022 Cybermaterial - Security Through Data .

Welcome Back!

Sign In with Google
Sign In with Linked In
OR

Forgotten Password? Sign Up

Create New Account!

Sign Up with Google
Sign Up with Linked In
OR

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.