Grim Finance became the latest victim of a crypto hack as an attacker stole $30 million in funds. Grim Finance is a decentralized finance platform where users deposit their crypto funds in yield vaults. The platform is decentralized: smart contracts, not a human operator, handle deposits, withdrawals and the strategies that run on the funds.
Yield vaults are like digital wallets where you can store cryptocurrencies. In exchange, yield vault providers like Grim use multiple strategies to grow your funds.
The hacker exploited these yield vaults on Grim Finance via a reentrancy bug (explained later). The Grim team discovered the attack and tweeted about the financial loss. The team also paused all existing vaults and recommended that users withdraw their funds.
Grim was able to identify the attacker's address and trace the trail of transactions, which showed the attacker using other exchanges to swap the stolen funds. As a result, Grim asked exchanges such as AnySwap and SpookySwap to freeze any transfers to the attacker's address.
The drain of funds caused Grim Finance's total value locked to fall from $98.9 million to $4.2 million. Total value locked is the total amount of funds deposited on a crypto platform; here, it represents the total funds in all the yield vaults at Grim.
The attack also caused a dip of 70% in the value of GRIM native tokens.
Reentrancy Bug Used to Steal Funds
Grim Finance operates on the Fantom blockchain. Because the protocol is decentralized, it uses smart contracts to manage transactions on the platform. A smart contract is a program deployed on the blockchain whose code executes transactions automatically when it is called.
The hacker exploited a reentrancy bug in Grim's smart contracts on Fantom to withdraw the funds. The bug class is common in smart contracts on Fantom, Ethereum and other EVM chains. It arises when a contract makes an external call to another contract (for example, to send tokens) before it has finished updating its own records. The called contract can then call straight back into the original function while the old, not-yet-updated state is still in place, and repeat that as many times as the funds last.
Let's say your bank runs on a buggy smart contract. When you request a wire transfer, the bank checks that you have enough balance, sends the money out, and only then debits your account. Sending the money hands control to the recipient for a moment.
If the recipient uses that moment to request another transfer, the debit from the first one has not landed yet, so the check still sees your full balance and the bank pays again. Repeated in a loop, this lets you transfer far more than you ever had in your account.
The Grim hacker used the same technique to steal crypto coins from the yield vaults.
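To make the mechanism concrete, here is an added simulation, written for this article and not taken from Grim Finance or any real contract, that models the call pattern above in plain Python: a toy vault pays out before it updates its books, and a malicious depositor's receive hook (the equivalent of a Solidity `receive()`/fallback) calls `withdraw()` again while the first call is still running. The class and method names, the 90-unit pool of other users' deposits, and the attacker's 10-unit deposit are all constructed for the example. The hardened vault shows the two standard fixes, checks-effects-interactions ordering and a reentrancy guard, and can be run with either one alone.

```python
"""Toy model of a reentrancy bug in a yield vault, simulating EVM call semantics
in a single thread: an external call hands control to the recipient, who may call
back into the vault before the vault has updated its state.
Added example; hypothetical names, not code from Grim Finance or any real contract."""


class ReentrancyError(Exception):
    """Models the revert a reentrancy guard triggers on a nested call."""


class Vault:
    """Shared bookkeeping. `balances` is what the vault thinks it owes each
    depositor; `eth` is what it actually holds (everyone's deposits together)."""

    def __init__(self, liquidity):
        self.balances = {}      # depositor object -> credited amount
        self.eth = liquidity    # constructed: other users' deposits already in the pool

    def deposit(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount
        self.eth += amount


class VulnerableVault(Vault):
    """Check, then interact, then update state: the order that makes reentrancy possible."""

    def withdraw(self, who):
        amount = self.balances.get(who, 0)   # check: does the caller have a balance?
        if amount == 0:
            return
        self.eth -= amount
        who.receive(self, amount)            # interaction: pays out and runs the recipient's code
        self.balances[who] = 0               # effect: too late, every nested call saw the old balance


class HardenedVault(Vault):
    """Checks-effects-interactions order, plus a mutex (reentrancy guard) when guard=True."""

    def __init__(self, liquidity, guard=True):
        super().__init__(liquidity)
        self.guard = guard
        self._entered = False

    def withdraw(self, who):
        if self.guard:
            if self._entered:
                raise ReentrancyError("withdraw() called while already executing")
            self._entered = True
        try:
            amount = self.balances.get(who, 0)   # check
            if amount == 0:
                return
            self.balances[who] = 0               # effect: zero the balance before any call leaves the contract
            self.eth -= amount
            who.receive(self, amount)            # interaction last: a re-entrant call now sees a zero balance
        finally:
            self._entered = False


class Attacker:
    """Malicious depositor whose receive hook re-enters withdraw() while the
    first withdraw() is still in progress."""

    def __init__(self, max_rounds=100):
        self.received = 0
        self.max_rounds = max_rounds   # constructed bound so the simulation always terminates

    def receive(self, vault, amount):
        self.received += amount
        if self.max_rounds > 0 and vault.eth >= amount:
            self.max_rounds -= 1
            try:
                vault.withdraw(self)           # re-enter before the vault zeroes our balance
            except ReentrancyError:
                pass                           # a reverted inner call is just a failed low-level call to us


def simulate(vault_cls, pool=90, attacker_deposit=10, **kwargs):
    """Fund the vault, let the attacker deposit, withdraw once, and report the damage."""
    vault = vault_cls(pool, **kwargs)
    attacker = Attacker()
    vault.deposit(attacker, attacker_deposit)
    vault.withdraw(attacker)
    return {
        "attacker_received": attacker.received,
        "vault_eth_left": vault.eth,
        "attacker_balance_on_books": vault.balances[attacker],
    }


if __name__ == "__main__":
    print("vulnerable:", simulate(VulnerableVault))
    print("CEI only:  ", simulate(HardenedVault, guard=False))
    print("CEI+guard: ", simulate(HardenedVault, guard=True))
```

Against the vulnerable vault the attacker deposits 10, withdraws in a loop, and walks away with all 100 units while the books still show the other depositors' 90 as owed: the vault is insolvent. With effects before interactions, the nested call reads a zero balance and returns empty-handed; with the guard as well, the nested call is rejected before it reads anything. Real contracts should use both, since ordering mistakes creep in under maintenance and the guard catches them.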
Grim Is Not the Only Victim
Hackers have used reentrancy bugs in smart contracts to exploit decentralized finance platforms before. One of the biggest examples is the DAO hack in 2016.
Like Grim Finance, The DAO collected more than $150 million in funds from users. However, a reentrancy bug in its smart contract allowed a hacker to drain a large share of the funds.
Fortunately, The DAO worked with a group of ethical hackers to recover 70% of the stolen funds.
Another victim is Cream Finance, a lending and borrowing platform. It suffered an attack in August 2021 that led the hacker to steal AMP and ETH tokens. The total funds lost due to the hacking amounted to about $34 million.
In this case, too, the attacker relied on a reentrancy bug in Cream Finance's smart contract. However, the platform wasn't as unlucky as Grim: its native token fell only 4.8% in value after the attack.
Crypto platforms can also come under other forms of cyber-attacks. In the past five years, the total amount lost due to such attacks stands at $2.5 billion.
Better Security for Decentralized Exchanges
Security is a top concern for anyone involved in cryptocurrencies. News of hacks and exploits still causes many people to steer clear of the crypto world. As a result, decentralized platforms need to be more secure and invest in eliminating bugs and vulnerabilities.
Thankfully, people are coming together to build stronger systems. Research is ongoing to close the loopholes hackers exploit to steal funds. Reentrancy in particular is a well-understood bug class: static analysis tools flag the vulnerable call ordering, and standard contract libraries ship reusable reentrancy guards, so there is little excuse for a new protocol to ship without both.
Things should hopefully get better in the coming days and crypto enthusiasts will be able to trade in confidence and put their faith in decentralized exchanges.
In the meantime, users should be careful and follow security best practices, such as preferring audited protocols and not keeping more in any single vault than they can afford to lose.