2021-3-7 00:49 |
The DeFi protocol Paid Network has been exploited via a vulnerability that allowed an attacker to create millions of new tokens.
Millions Dumped By HackerOn Mar. 5, an unknown hacker exploited Paid Network’s smart contract and created over 59.4 million PAID tokens worth $166 million at the attack time.
The attacker used a compromised private key to the original contract deployer to leverage the smart contract’s upgrade function. The attacker then proceeded to ‘upgrade’ to a new smart contract that had the ability to burn and re-mint tokens.
Soon, the hacker moved on to selling the illicitly-created 2,501,203 $PAID tokens on Uniswap for 2,040.4339 ETH (about $3 million at the time).
The flood of new tokens into the market, as well as intense selling from the hacker, instantly crashed the PAID token price from $2.80 to $0.30 (at the time of publishing).
Updates On the WayEven though the development team has denied an inside job, critics in the community have speculated the attack could be a “rug pull.”
Paid Network has announced that it is pulling liquidity from the vulnerable smart contract to prevent further damage. The team is also planning to create a new contract to restore token balances.
Update: On Mar 7, the Paid Network team published a detailed post-mortem report.
Similar to Notcoin - Blum - Airdrops In 2024