THELOGICALINDIAN - Visor Finance was drained of 82 actor today afterwards a hacker exploited a reentrancy bug
The Visor Finance aggregation says it will be ablution a badge clearing to atone afflicted users.
Hacker Targets Visor Finance
Visor Finance is the latest DeFi agreement to ache a multi-million dollar hack.
The Ethereum-based DeFi project, which aims to accredit programmable liquidity, was drained of 8.8 actor VISR tokens today afterwards a hacker exploited a reentrancy bug. At the time, VISR was trading at almost $0.93, bringing the absolute losses to about $8.2 million.
Reentrancy bugs can prove baleful in DeFi as they actualize a way for an antagonist to excellent an absolute bulk of tokens. Though a abounding post-mortem address has not yet surfaced, it’s anticipation that the hacker acclimated the bug to change the buyer of the rewards arrangement so that they could excellent added vVISR rewards tokens.
The Visor aggregation shared details of the drudge this afternoon, acquainted that it had apparent an accomplishment affecting its vVISR staking contract. The aggregation added that no positions or hypervisors were at risk. The adventure mainly affects VISR stakers and badge holders because it has plummeted back the attack. One VISR is account alone $0.04 at columnist time afterwards address over 95% of its value.
To atone users, the Visor aggregation has announced that it will be alignment a clearing date based on a snapshot taken afore the hack. Badge migrations are a accepted action for advantageous DeFi hacks. They assignment by acceptance badge holders to redeem an agnate bulk of new tokens based on their aboriginal holdings. In this case, they’ll be able to redeem based on the bulk of VISR they held.
Visor presents itself as an asset administration agreement for the DeFi ecosystem. It’s congenital on Uniswap V3 and aims to actualize a way for projects and clamminess providers to optimize their returns. Users can drop assets to a basement in acknowledgment for an NFT, and their assets are managed by added acute affairs alleged Hypervisors and Supervisors. Affectation aloft $3.5 actor in July from several big industry players, including 1confirmation, Digital Currency Group, DeFi Alliance, and Spartan.
While Affectation has acquired absorption back its launch, its aisle hasn’t been decidedly smooth. It’s been afraid assorted times throughout this year, admitting it dismissed its best contempo adventure in November was the aftereffect of “Uniswap V3 arbitrage.” Interestingly, the agreement has been audited by CertiK, a aegis close that’s reportedly absent added DeFi vulnerabilities in the past. It additionally has an advancing analysis with Quantstamp.
Etherscan data shows that the antagonist has already traded the majority of their VISR tokens for ETH via Uniswap. They’ve additionally amorphous funnelling funds through Tornado.Cash, a bundler for attention Ethereum transaction history. However, they’ll end up with far beneath than the $8.2 actor abstract amount due to the token’s illiquidity causing the amount to decidedly decrease. They’ve deposited 243 ETH account $978,561 at columnist time with about 3.6 actor VISR and 0.475 ETH account a accumulated absolute of $135,000 sitting in their wallet. Their character is currently unknown.
This adventure is developing and will be adapted as added capacity emerge. Visor Finance did not anon acknowledge to Crypto Briefing’s appeal for comment.
Disclosure: At the time of writing, the columnist of this affection endemic ETH and several added cryptocurrencies. They additionally had acknowledgment to UNI in a cryptocurrency index.