The Layer 1 Elrond Network Got Hacked

The Layer 1 Elrond Network Got Hacked

In Brief

  • Over $1.65 million worth of tokens were stolen from Elrond and dumped on the market, causing a massive 95% plunge of EGLD token.

  • The attack was reportedly aimed at a certain exchange.

  • There are at least three addresses tied to the exploit, and the official has suspended DEX and related APIs.

Over $1.65 million worth of tokens were stolen from the Layer 1 Elrond network and then dumped on the market. This caused the price of EGLD to crash by 95%. The attack was reportedly aimed at a certain exchange, according to Wu Blockchain.

There are three addresses connected to the exploit, with the suffixes f854j, fu950 and 4ww0rt. They were all created at the same time and received money from Binance. After getting funding from the exchange, they deployed a smart contract with the function "deploy."

There was a security breach in Elrond, a L1 network. Hackers obtained nearly $1.65 million EGLD for free, they then sold those tokens on Maiar DEX causing a 92% drop in price. The team has moved to suspend DEX and related APIs.

In the next hour, hackers were able to withdraw $1.65 million worth of tokens with just one operation of the Withdraw function. It's unclear how they were able to do this.

Some developers have come up with a version of the hack that exploits a loophole in the liquidity of wEGLD and EGLD smart contracts. The details of the loophole are still murky, but it might be connected to the exchange or network side.

After stealing the crypto funds, hackers are trying to make it harder to trace the money by creating new addresses and moving the money around different networks. However, it's very difficult to make crypto funds 'disappear' without using a coin mixing solution.

The 95% crash only occurred on the EGLD/USDC trading pair. The EGLDUSDT trading pair on KuCoin is doing just fine, with no abnormal volatility observed.

The DEX's API can't figure out what caused the exploit or how to get the funds back. If the hackers try to withdraw their money using USDC stablecoin, it will probably fail because the coin is centralized.

Important Disclaimer: This material is for informational purposes only. None of the material or any material on the website should be interpreted as investment advice. Stack does not make any express or implied warranties, representations or endorsements whatsoever with regard to the material or related information. In particular, you agree that Stack and it's owners assume no warranty for the correctness, accuracy and completeness of the material.