News

$10 Million Hack Targets Velocore Dex on zkSync and Linea Networks

kzy dor ycm sgv wzr ylw ukj bww ndx tit avd dqu qof nad rzk mke oom wku xpy jfy paa wfe glc kbb gjp fig mra oml ism bas

DeFi was hit again when one of the DEXs that works in the zkSync and Linea layers was exploited for $10 million. This hack that occurred on 2nd June 2024 shows that there are still weaknesses within the Space of Decentralized Finance. 

The breach was discovered by a cyber threat researcher, Officer’s Notes. In the exploit, Velocore’s tokens used by the exchange’s liquidity were compromised. The exchange relied on liquidity provider tokens that were exploited. The hackers stole various amounts from the users equaling more than 1700 ETH and proceeded to cross the chain to the Ethereum mainnet. 

The attacker obtained the first rounds of Ether from Tornado Cash. The funds were redirected from the respective platform back to Across Bridge and then to Tornado Cash to anonymise the transaction. Until its catch, the hacker has input around 1700 Eth approximately, $7 million to Tornado Cash. 

The hacker has targeted the Velocore despite its earlier security audit by Zokyo, Hacken and Scalebit.  

Fortunately, Velocore’s stable pools were unaffected; users can ‘withdraw their funds from the reserves which are safe’. The Velocore team is actively working with cybersecurity specialists and unites the CEXs to freeze the stolen funds to avoid additional losses. 

Investigation and response 

Velocore has found out how the exploit occurred and is now in the process of negotiating with the attackers through the chain. The team has offered the hacker a 10% white hat bounty for the return of the remaining funds by June 3, 8:00 UTC. ” However, the hacker still maintains his/her silence. 

According to their post-mortem, Velocore pledged, “those impacted, we were able to take a snapshot of the blockchain state prior to the attack. After operations resume, we will develop a proper mitigation plan in which, collectively, we can ensure the appropriate compensation has been made to those who lost money to the attackers. ”  

Impact on Velocore’s token 

The hack affected the native token of Velocore, VC. The token reached its lowest point post the hack but now has recovered significantly to trade at $0. 004127 at the time of writing. 

Despite the significance of the Velocore exploit, the impact on the traffic in the zkSync and Linea blockchains remained moderate. Overall, both networks preserved relatively high transaction throughput and address activity on a daily basis similarly before and after the attack.

Also Check Out : May Crypto Hack Report: $347 Million Wiped Out from Markets!

SOURCE

Leave a Comment