Crypto lending and trading firm Polter Finance, which runs on the Fantom blockchain, said it lost more than $7 million due to a smart contract hack. It unveiled total future security threats operating within the DeFi space, particularly those involved in cross-chain operations, as reported by Cyvers Alerts.
Details of the Exploit
The exploit was launched once the attacker got financed via Tornado Cash, an Ethereum privacy-preserving platform. They then transferred the funds to the Fantom network using the anonymity and interoperability of the chain to launch the attack. The malicious transaction which was recorded in FTMScan, identified loopholes in the Polter Finance system, to drain a considerable amount of funds out.
Measures & Responses
In an immediate response to the incident, Polter Finance took decisive steps to mitigate further losses and begin recovery efforts:
Platform Freeze: The trading activities on Polter Finance were temporarily suspended in order to stop identity theft.
Bridge Notifications: Several blockchain bridges known to regulate the transfer of stolen assets received a notification to prevent its transfer.
Wallet Tracing: Law enforcement also managed to find some wallets that have participated in the scam and some of them were linked to Binance.
The team has also initiated a proactive search, in cooperation with exchanges and security companies, for the attacker and the assets.
This hack has created fresh worries within the DeFi area concerning the protection flaws, particularly those related to cross-chain operations. Since such mechanisms ensure anonymity and ease of transfer, platforms using privacy tools such as Tornado Cash and cross-chain bridges appear to be the next targets for such attacks.
Though the team’s response seems operational, the industry needs to develop enhanced threat identification and counteractions that would win people’s trust in decentralized finance.
