Using the vulnerability of the Ethereum-based PAID Network cryptocurrency project, the attacker issued 59.7 million new tokens and moved them to his wallet.
At the time of the manipulation of the smart contract, the token was trading at $ 2.86, and the total value of the stolen digital assets was 170 million. 7 minutes after the emission and transfer of funds to his wallet, the attacker began to exchange them for ether on the Uniswap decentralized exchange. Over the next 20 minutes, he managed to sell about 2.7 million PAID for 2000 ETH and stopped due to the collapse of the exchange rate to $ 0.32 (by 88%).
The incident could have become the largest robbery of a crypto project in history, if not for the low liquidity of the token. As a result, the attacker was able to get a little more than $ 3.1 million. Of course, this is a huge amount, but it is 55 times less than the result expected by the criminal..
Some believe that the possibility of this hack could have been planned by an insider at the stage of developing a smart contract. Representatives of the crypto community discovered that 30 minutes before the launch of the issue, one of the project team members transferred access rights to the contract from a third-party account.
PAID Network is a decentralized application to improve the efficiency of DeFi agreements.
text: Ivan Malichenko, photo: Shutterstock, chart: CoinMarketCap