DeFi Hack Report: Blockchain Ecosystem Security Firm SlowMist Shares Detailed Analysis of MonoX Exploit

SlowMist, which focuses on Blockchain Ecosystem Security and have served more than 1,000 customers, notes that on November 30, 2021, their team at SlowMist was “notified of an attack on the Defi protocol MonoX.”

More than $18 million in WETH and $10.5 million in MATIC tokens were reportedly “drained by the attacker.”

Several other crypto tokens, such as Wrapped Bitcoin, Chainlink, Unit Protocol, Aavegotchi, and Immutable X, were also lost/stolen, “bringing the total loss to over $31 million.”

SlowMist has investigated the attack, and has shared a detailed analysis of the incident.

The Root Cause of the Attack

According to SlowMist’s investigation, the leading “cause of this attack was that the swap contract did not check whether the transferred and outgoing tokens in the pool were the same.”

By taking advantage of this exploit in the price update function, the hacker “can transfer the same tokens as the outgoing tokens to artificially pump up the price of the MONO token.” They then used the MONO token to “exchange for other assets within the MonoX protocol.”

Here’s More Relevant Information shared by SlowMist:

MonoX is a new decentralized finance (DeFi) protocol using a single token design “for liquidity pools (instead of using pool pairs).”

This is “made possible by grouping deposited tokens into a virtual pair with the vCASH stablecoin.” The update from SlowMist also noted that the first use case for single token liquidity pools “is the automatic market maker system-Monoswap, launched in October 2021.”

You may check out the detailed (technical) explanation of how this attack was carried out here.

DeFi/smart contract hacks or exploits have become increasingly common because there isn’t any widely-adopted standard for properly checking/auditing smart contract source-code. DeFi is also a nascent industry where many new ideas and implementations are being explored for the first time. Due to the highly experimental and premature state of these protocols, there will most likely be numerous hacks in the coming years – before the industry becomes more established.

Sponsored Links by DQ Promote



Send this to a friend