In a recent Twitter post, bZx announced that they have recovered all the stolen funds and the users need not worry about the hacking incident. The Twitter post read:
“We are relieved to announce that the missing funds are now restored. More information will follow.”
bZx is an Ethereum based DeFi project that helps build applications for lenders, borrowers, and traders. Despite their self-proclaimed secure system, the company faced a security breach in which they lost 220,000 LINK tokens, 4,507 ETH, 1.76 million USDT, 1.4 million USDC and 670,000 DAI. The loss amounts to around $8 million according to the current valuations of the currencies.
This isn’t the first attack that bZx had to contend with, they’ve faced similar incidents before which include the previous $630k and $350k hacks. In this particular incident, the hackers exploited a bug in the system that fooled bZx into making new iTokens. These tokens were then exchanged for cryptocurrencies from lending pools.
This hack was noticed by the company when a single LINK withdrawal dropped the protocol’s total locked value by $2.6 million. This hacker was, however, traced through the on-chain activity and soon after being exposed, agreed to send back the stolen funds. The point that raises serious concerns is that even after two strict audits and extensive testing, the bug was not found by the company on its own. However, they have taken notice and will be working on making the code more secure. The company also claims that they support the system debt through the value of the token and that the overall system is used to counter such incidents.
Although the amount was recovered swiftly, these illicit activities in crypto and blockchain are becoming hurdles for mass adoption. Many institutional investors as well as retail investors are concerned about the security of these digital assets as they operate on basic code instead of having a physical tangible existence. It is hoped that the security increased through carefully monitored audits and testing so that blockchain and crypto’s integrity is maintained.