MonoX Finance Drained of $31M in Latest DeFi Hack

All of MonoX Finance’s pools on Ethereum and Polygon have been exploited.

Key Takeaways

A hacker has exploited MonoX Finance’s smart contracts, draining $31 million worth of assets.

The MonoX team are attempting to contact the hacker to ask for the funds to be returned.

Despite receiving two independent audits, the vulnerabilities in MonoX’s smart contracts were not found.

A hacker has exploited the single token liquidity platform MonoX Finance, draining $31 million worth of tokens across Ethereum and Polygon. 

MonoX Finance Hacked

A hacker has wiped out another DeFi protocol.

MonoX Finance, a DeFi protocol allowing users to provide liquidity with single assets on Ethereum and Polygon, appears to have been exploited. Users noticed that all staking pools across Ethereum and Polygon had been drained Tuesday morning, with over $31 million worth of tokens taken. 

Igor Igamberdiev was the first to provide a breakdown of the hack on Twitter. Of the funds lost, $18.2 million worth was in Wrapped Ethereum, with a further $10.5 million worth of MATIC tokens also stolen. Smaller amounts of several other tokens were also lost, including Wrapped Bitcoin, Chainlink, Unit Protocol, Aavegotchi, and Immutable X. 

On Telegram, MonoX Finance Founder and CEO Ruyi Ren confirmed that the protocol had been hacked and told users that the MonoX team is attempting to contact the hacker to “pay him/her a legit amount of money to get the funds back.”

According to BlockSec, the hacker managed to trick MonoX’s smart contracts into pumping up the price of the protocol’s MONO token. Once the price of MONO had increased enough, the hacker used the token to swap out all other assets in MonoX’s liquidity pools.

The MonoX team have also released a statement confirming how the exploit took place, stating:

“A method in the swap contract was exploited and boosted MONO token price to sky high. The attacker then used MONO token to purchase all the other assets in the pool.”

MonoX had previously been audited by two smart contract auditors—Peckshield and Halborn. However, neither audit was able to identify the exploit that the hacker used to drain the protocol’s smart contracts. 

MonoX joins a long list of DeFi protocols to fall victim to hackers this year. In October, DeFi protocol Indexed Finance suffered a $16 million exploit when a hacker managed to trick the protocol’s smart contract into miscalculating the value of deposited assets. Like MonoX, Indexed Finance had also received two separate audits that could not find the vulnerabilities in the protocol’s smart contracts. 

The crypto analytics firm Elliptic estimates $12 billion has been lost this year to DeFi exploits, with $5.5 billion the result of code exploits like in the case of MonoX Finance.

Disclosure: At the time of writing this feature, the author owned BTC, ETH, and several other cryptocurrencies. 

Disclaimer Read More Read Less

The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.

You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.

See full terms and conditions.

Source: cryptobriefing.com