Team Finance loses $14.5M to smart contract bug exploit
Team Finance, a web3 infrastructure platform that allows companies to secure their tokens, was hacked, resulting in the loss of $14.5 million worth of assets on October 27, the company tweeted.
I was warned about a Team Finance exploit.
Details are currently unknown.
Abusers are advised to contact them for bounty paymentWe are currently working to analyze and improve the situation.
More details to come
— Team Finance (@TeamFinance_) October 27, 2022
Blockchain analytics and security firm PeckShield estimates that hackers stole $15.8 million worth of cryptocurrency.
Team Finance said in a Twitter thread that the attackers exploited a previously audited flawed V2 to V3 migration feature.
Hackers launched their attack using 1.76 Ethereum (ETH) tokens drawn from FixedFloat.Attacker holds the entire loot Park in a single walletThe total loss includes 880 ETH and 6.4 million DAI tokens, according to PeckShield.
2/ The protocol has a flawed migrate() that is exploited to transfer real UniswapV2 liquidity to attacker-controlled new V3 pairs at skewed prices, resulting in huge balances as profit refunds To do. Also, by locking the token, the allowed sender check is bypassed. pic.twitter.com/G2QVNU7DgU
— PeckShield Inc. (@peckshield) October 27, 2022
Team Finance, a TrustSwap product, assured users that their remaining funds on the platform were not compromised by the same hackers.
However, platforms that “do not know the details” of the attack have halted all activity until all vulnerabilities are fixed. Team Finance also urged the hackers to contact the team about bounty payments.
According to DeFiLlama, Team Finance’s Total Locked Value (TVL) plummeted from $147.03 million to $128.39 million after the attack. data.