Hackers have stolen more than $25 million in cryptocurrency from the Uniswap exchange and the Lendf.me lending platform. With both attacks taking place over the weekend – on Saturday and Sunday respectively – they are believed to be related, most likely carried out by the same group or individual. The ongoing investigation suggests that the hackers responsible appear to have chained together bugs and legitimate features from different blockchain technologies to orchestrate a sophisticated “reentrancy attack,” according to ZDNet. This type of attack allows threat actors to withdraw funds multiple times, in a loop, before the original transaction is approved or declined.
It sounds like the perfect digital heist has been performed, with little left behind in the way of evidence. It also further undermines the future of digital currency and its security, but we must learn from these mistakes before it’s too late for cryptocurrencies to take off.
This was a particularly sophisticated attack – and is likely to have been carried out by professional cybercriminals. Unless lessons are learnt from this hack, then the money will have been lost in vain. Cryptocurrency companies must stay on top of all available updates, as well as the user keeping themselves aware of all such vulnerabilities. Whereas a traditional bank would look after your money and even offer some level of insurance from attacks, digital money does not offer this protection. Therefore, adopters should learn as much as possible about the risks, and mitigate them wherever possible by treating them cautiously.