Terra’s Mirror Protocol Could Collapse Due to Latest Exploit

2022-5-31 11:16

Terra’s Mirror Protocol is experiencing an attack, with the attacker draining over $2 million already. The exploit remains unpatched and could get much worse in the coming hours.

Terra’s Mirror Protocol is suffering a new attack as users are reporting that the attacker has drained multiple assets for over $2 million. Assets that have been drained include mBTC, mETH, mDOT, and mGLXY. The exploit was first discovered by MirrorUser.

FatMan, a member of the Terra Research Forum who offers analyses and updates on the Terra collapse that has been taking place over the past few weeks, explained how the attack works. His understanding of the situation is that the pricing oracle has a bug that tells the system that “LUNC is worth around 5 UST when it’s actually under a microcent.” Consequently, “for $1k in LUNC, an attacker can now load up on $1.3m in collateral but can pull out real assets by borrowing.”

FatMan also provided an example of the transaction. He expects the situation to worsen, and the market feed opens, which should happen in a few hours. The attacker could drain all of the assets in the pools, including those related to stocks like mAAPL and mAMZN.

The Mirror Protocol team has not commented on the matter, and FatMan is worried that this will only worsen the situation as time runs out to fix the exploit. He has asked both the development team and Do Kwon to fix the issues, saying that,

“Mirror will accrue irremediable bad debt, and the system will collapse in on itself. This is not the time to be negligent.”

Another user, Todd G, has also explained how to fix the issue – by updating the price oracle. Terra will have to fix the issue fast or risk their troubles worsening.

This is because a majority of the #TerraClassic #LUNC validators are running an outdated version of the price oracle! You can see who is publishing bad prices here https://t.co/cKM9V1VbPh if they have a low missed-oracle vote count they need to update ASAP!!! https://t.co/h5GBrg3UGe

— Todd G | block pane (@blockpane) May 30, 2022 Terra in deep enough waters without Mirror exploit

FatMan appears to have given up hope, saying that “it looks like nothing will be done and the project will collapse tomorrow for sure.” He also says that there are other vectors too, and urges users to pull their money out.

This exploit could be the final nail in the coffin for Terra, which has seen a dramatic fall. The last thing it needed was an attack, which would kill off any hope that remains in the launch of Terra 2.0.

It is uncertain how much will be stolen with the attack, but whatever it is, the reputational hit will be massive. Terra’s employees and Do Kwon are facing investigations, and this incident will not make their case any easier.

The post Terra’s Mirror Protocol Could Collapse Due to Latest Exploit appeared first on BeInCrypto.

Similar to Notcoin - Blum - Airdrops In 2024

origin »

Terra KRW (KRT) íà Currencies.ru

$ 0 (+0.00%)
Îáúåì 24H $0
Èçìåíåèÿ 24h: 0.00 %, 7d: 0.00 %
Cåãîäíÿ L: $0 - H: $0
Êàïèòàëèçàöèÿ $0 Rank 99999
Öåíà â ÷àñ íîâîñòè $ 0.000912 (-100%)

exploit could protocol mirror terra latest collapse

exploit could → Ðåçóëüòàòîâ: 38


Ôîòî:

Ledger Patches Nano X Supply Chain Vulnerability

The Ledger security team has patched a hardware exploit that could compromise Ledger Nano X wallets as a part of a supply chain attack. Following a report from Kraken Security Labs, a cybersecurity division of Kraken, that showed that the Ledger hardware wallet was susceptible to a supply chain attack, the device manufacturer has announced […] The post Ledger Patches Nano X Supply Chain Vulnerability appeared first on BeInCrypto.

2020-7-9 12:12


Ôîòî:

Researcher discloses second Steam zero-day exploit after being shut out of bug bounty program

A second zero-day vulnerability has been publicly disclosed in the Steam gaming client by security researcher Vasily Kravets after he said he was banned from its bug-bounty program. The revelations come two weeks after another zero-day previously disclosed by Kravets and researcher Matt Nelson was disputed by Valve, Steam’s parent company.

2019-8-22 09:52


Ôîòî:

Quantum breakthrough could lead to ‘super-powered’ hard disk drives

While the world’s focused on the latest Avenger’s flick, an international team of scientists have potentially unlocked the super powers of another familiar Marvel character: Magneto. Researchers from the Argonne National Laboratory, Oakland University in Michigan, and Fudan University in China have discovered a quantum-level exploit that has the potential to give engineers greater control over the magnetic properties of certain metals.

2019-4-27 23:49


Ôîòî:

Security Researchers Reveal Wallet Vulnerabilities On Stage at 35C3

In a demonstration titled “Wallet. fail,” a team of security researchers hacked into the Trezor One, Ledger Blue and Ledger Nano S. Unfortunately, it appears as if their findings were first put on display at the 35th Chaos Communication Congress (35C3) in Leipzig, Germany, rather than through accepted Responsible Disclosure practices, which would have allowed the manufacturers to patch the vulnerabilities and protect their customers from any potential attack.

2019-1-1 19:15


Ôîòî:

A Bug Making Ethereum Transactions on Exchanges Vulnerable Has Been Fixed

A bug centering around a new Ethereum token, GasToken, which was enabling abuse on cryptocurrency exchanges, appears to have been resolved. The details are provided in a report originally published on November 13, 2018, that discussed how the bug was exploited by attackers, and what digital platforms could do if they wished to protect their hot wallet funds.

2018-11-22 00:34


Ôîòî:

Blockstream’s Liquid Network Could Be Vulnerable to Hardware Backdoors

Bitcoin technology company Blockstream has conceded its flagship Liquid Network could be susceptible to hardware vulnerabilities. Following recent disclosures that certain Chinese-manufactured motherboards contain backdoors, Blockstream has authored a post conceding that such an exploit could allow an attacker to infiltrate their off-chain bitcoin transfer system.

2018-10-6 10:50