
According to a
tweet by a blockchain ecosystem auditors SlowMist, bZx has suffered a hack
reportedly of $55 million. bZx is a Decentralized finance (DeFi) margin lending
protocol that runs on Ethereum, Polygon and Binance Smart Chain.
The attackers
send one of the team members malware embedded in an email attachment as per
analysis and thereby managed to get access to bZx private keys, controlling
Binance Smart Chain BSC and Polygon deployments. Then the stolen BZRX deposited
as collateral by attacker to borrow other funds on the protocol. Those who had
given unlimited approvals to those contracts got affected including lenders,
borrowers, and farmers.
A preliminary
report was released by bZx which highlights the attack method, timeline, and
repercussions. As the protocol team said, “personal losses from the team
wallet that was compromised” were consists of 25% of the hacked amount.
As it stated, "The bZx smart contracts themselves were not
compromised. This incident only impacted the Polygon and BSC deployments via a
compromised key." In which Ethereum contracts weren't compromised. Investigation
for the incident is yet going on.
Other hacks
suffered by bZx:
This hack was
not the first time. In year 2020, bZx suffered three hacks. In the month of
February, two hacks took place for $630,000 and $350,000 respectively. In September
2020, the third hack took place which was largest out of these attacks. Around 30%
of the funds that was locked into the bZx protocol were drained through this
exploit. The protocol was though paused and $8 million in cryptocurrency were recovered.

Indrani bose
CBW - External Analyst
INDIA