Really stupid “smart contract” bug let hackers steal $31 million in digital coin

 In Biz & IT, cryptocurrency, DeFi, hacking

Really stupid “smart contract” bug let hackers steal $31 million in digital coin

Serving the Technologist for more than a decade. IT news, reviews, and analysis.
Close-up photo of hand operating touchscreen.

Enlarge (credit: Getty Images)

Blockchain startup MonoX Finance said on Wednesday that a hacker stole $31 million by exploiting a bug in software the service uses to draft smart contracts.

The company uses a decentralized finance protocol known as MonoX that lets users trade digital currency tokens without some of the requirements of traditional exchanges. “Project owners can list their tokens without the burden of capital requirements and focus on using funds for building the project instead of providing liquidity,” MonoX company representatives say here. “It works by grouping deposited tokens into a virtual pair with vCASH, to offer a single token pool design.”

An accounting error built into the company’s software let an attacker inflate the price of the MONO token and to then use it to cash out all the other deposited tokens, MonoX Finance revealed in a post. The haul amounted to $31 million worth of tokens on the Ethereum or Polygon blockchains, both of which are supported by the MonoX protocol.

Read 10 remaining paragraphs | Comments

Company says it has contacted the hacker in an attempt to recover the funds. Good luck.

Recent Posts
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt