$90M DeFi Hack Discovered Seven Months After the Fact

It is the longest it has ever taken for a crypto exploit to be discovered.

Key Takeaways

  • Mirror Protocol suffered a $90 million exploit—seven months ago.
  • The attacker was allowed to unlock collateral from the protocol again and again while paying very little in fees.
  • The attack was only discovered in the last few days.

Mirror Protocol suffered a $90 million exploit last October, but it went unnoticed for seven months. 

Seven Months

Mirror Protocol was hacked for almost $90 million on Terra Classic on Oct. 8, 2021. The hack was revealed for the first time on May 26, 2022, seven months after the attack, by a Twitter user by the name of FatMan.

According to FatMan, who says he discovered the hack by “pure serendipity,” the attacker stole $89,706,164.03 from the protocol thanks to an exploit that allowed them to unlock collateral from the lock contract “over and over at little cost and zero risk.”

A look at Terra Classic on-chain data indeed reveals that the attacker was able to unlock UST funds multiple times from the protocol within the same transaction, paying only about $17.54 to do so. 

Mirror Protocol is a decentralized application that allows for the creation of digital synthetics which track the price of real-world assets, such as stocks. Mirror’s core contracts were deployed on Terra Classic, but its assets are available on Ethereum and Binance Smart Chain (BSC).

The bug, which was discovered by Mirror community members on May 17, had been quietly fixed by Mirror developers on May 9. The developer team had made no comment on whether the bug had already been noticed or exploited previously. 

The Mirror Protocol team has yet to make any statement about the exploit, which has prompted criticism from the community. FatMan, however, thinks there is no “compelling evidence” indicating the entity responsible for the hack was an insider.

It’s not the first time a DeFi exploit took time to discover, though this is by far the longest it has taken. It had previously taken six days for the Ronin team to realize they’d been exploited for $600 million.

Disclosure: At the time of writing, the author of this piece owned ETH and several other cryptocurrencies.

