- Hacker used oracle manipulation to “siphon off” funds
- He has already begun withdrawing the stolen money through the Tornado Cash mixer
- Sturdy Finance has suspended all markets until clarification
Since early this morning, June 12, PeckShield analysts reported suspicious activity in the Sturdy Finance lending protocol pool. The administration later confirmed the break-in. The hacker has already withdrawn 442.6 ETH ($769,000) via a Tornado Cash mixer.
“The problem seems to be related to price manipulation,” PeckShield said in a notice.
An hour later, Sturdy Finance administration confirmed the hack:
“We are aware of the vulnerability discovered. All markets on the platform are suspended. Now there is no risk of losing additional funds, and no action on the part of users is required. We will have more details at a later date.”
Probable damage amounts to $769,000 or 442.6 ETH. According to PeckShield, the hacker has already started withdrawing the stolen money through the Tornado Cash mixer. The address of the likely hacker can be found here.
It appears that the hacker used a “re-entry vulnerability.”. Then he manipulated the price oracle and started siphoning off funds.
The most high-profile similar case last year was the hacking of Mango Markets.. The oracle manipulation was also used there. But most interestingly, the hacker responsible for the incident denied the fact that he had committed a crime.
In his opinion, his actions in no way went beyond the “normal” use of the oracle. Well, the losses of arbitrageurs and ordinary users are the conventions of the market.
In his opinion, his actions do not go beyond the “normal use of the oracle.