Hackers have stolen more than $25 million in cryptocurrency from the Uniswap exchange and the Lendf.me lending platform. With both attacks taking place over the weekend – on Saturday and Sunday respectively – they are believed to be related, most likely carried out by the same group or individual. The ongoing investigation suggests that the hackers responsible appear to have chained together bugs and legitimate features from different blockchain technologies to orchestrate a sophisticated “reentrancy attack,” according to ZDNet. This type of attack allows threat actors to withdraw funds multiple times, in a loop, before the original transaction is approved or declined.
The opinions expressed in this article belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.