Miners turned $ 11 into $ 6.7 million by manipulating the stablecoin exchange rate
Malicious miners manipulated the PegNet decentralized stablecoin network, as a result of which their wallet balance grew from $ 11 to $ 6.7 million. However, they failed to withdraw the amount received. This is written by CoinDesk.
On Tuesday morning, four miners took possession of 70% of the computing power of the PegNet network and transmitted data that allowed many times to increase the rate of the pJPY stablecoin tied to the Japanese yen. Then they transferred the assets to dollar-based pUSD stablecoins and tried to liquidate them on cryptocurrency exchanges.
PegNet is a decentralized network based on the Factom protocol, where users can trade stablecoins tied to 32 different assets. In addition to fiat currencies, the platform also provides exchange products such as gold, and other cryptocurrencies, such as bitcoin and ether.
The system uses the data transmitted by the miners to determine the price of stablecoins. 50 data points are added to each block, of which 25, the most differing from the average, are rejected. In this case, the miners, in fact, carried out an attack of 51%, providing 35 data points, as a result of which 15 indicators transmitted by other miners were invalidated as different from the average value. The attack lasted about 20 minutes and, apparently, did not affect other users.
Chairman of Factom Inc. and one of the PegNet organizers, David Johnston, explained that the attackers could not transfer most of the received pUSDs to their own cryptocurrencies of the PEG system, since the protocol does not allow fast conversions.
Subsequently, the attackers contacted PegNet and stated that they were simply trying to "conduct a network penetration test" to identify possible vulnerabilities and warn developers about them. They destroyed the received stablecoins by sending them to the address for burning tokens on the same day.
“I can’t talk about this person’s intentions, only about his actions,” Johnston said. - His actions were aimed at generating pAssets assets and their subsequent destruction. It’s more like a gimmick than an attack, given the short duration and action later. ”
Now the developers intend to review the oracle mechanisms in their network in order to protect it from similar attacks in the future. At the same time, they expect more sophisticated attempts to crack the protocol as the value of the assets stored in it increases. Johnston noted that he could not know for sure whether the attackers managed to exchange some of the illegally obtained pUSD on exchanges.
Previously, the DForce DeFi protocol was attacked, as a result of which $ 25 million was stolen. In this case, the assigned assets were also not distributed in the wider cryptocurrency ecosystem and returned to the developers wallet.
Malicious miners manipulated the PegNet decentralized stablecoin network, as a result of which their wallet balance grew from $ 11 to $ 6.7 million. However, they failed to withdraw the amount received. This is written by CoinDesk.
On Tuesday morning, four miners took possession of 70% of the computing power of the PegNet network and transmitted data that allowed many times to increase the rate of the pJPY stablecoin tied to the Japanese yen. Then they transferred the assets to dollar-based pUSD stablecoins and tried to liquidate them on cryptocurrency exchanges.
PegNet is a decentralized network based on the Factom protocol, where users can trade stablecoins tied to 32 different assets. In addition to fiat currencies, the platform also provides exchange products such as gold, and other cryptocurrencies, such as bitcoin and ether.
The system uses the data transmitted by the miners to determine the price of stablecoins. 50 data points are added to each block, of which 25, the most differing from the average, are rejected. In this case, the miners, in fact, carried out an attack of 51%, providing 35 data points, as a result of which 15 indicators transmitted by other miners were invalidated as different from the average value. The attack lasted about 20 minutes and, apparently, did not affect other users.
Chairman of Factom Inc. and one of the PegNet organizers, David Johnston, explained that the attackers could not transfer most of the received pUSDs to their own cryptocurrencies of the PEG system, since the protocol does not allow fast conversions.
Subsequently, the attackers contacted PegNet and stated that they were simply trying to "conduct a network penetration test" to identify possible vulnerabilities and warn developers about them. They destroyed the received stablecoins by sending them to the address for burning tokens on the same day.
“I can’t talk about this person’s intentions, only about his actions,” Johnston said. - His actions were aimed at generating pAssets assets and their subsequent destruction. It’s more like a gimmick than an attack, given the short duration and action later. ”
Now the developers intend to review the oracle mechanisms in their network in order to protect it from similar attacks in the future. At the same time, they expect more sophisticated attempts to crack the protocol as the value of the assets stored in it increases. Johnston noted that he could not know for sure whether the attackers managed to exchange some of the illegally obtained pUSD on exchanges.
Previously, the DForce DeFi protocol was attacked, as a result of which $ 25 million was stolen. In this case, the assigned assets were also not distributed in the wider cryptocurrency ecosystem and returned to the developers wallet.