February 9, 2021: DeFi Hack Attack #2! 🕵️💻

Curve Market Recap

Aave Pool won’t stop making news. A >4000% APY? 👀

It’s real, and it’s spectacular. It looks to be the second major hack within the world of DeFi in the past week.

🤖 Leshner @rleshner

Seems like yet another hack ("arbitrage"), this time of bVault (?) etherscan.io/token/0x6b1754…

8:47 PM ∙ Feb 8, 2021

---

Alan @chefcoverage

Looks like @CoverProtocol's CVC is going to be busy this week. @btdotfinance CLAIM tokens already trading at $0.25

defiprime @defiprime

Looks like @btdotfinance exploited https://t.co/YHIoipufio

9:21 PM ∙ Feb 8, 2021

---

Slow down hackers, we’re still preparing the autopsy of the Yearn hack and yv2 pool issue! The issue is still under investigation, but it looks like an exploit of BT Finance:

defiprime @defiprime

Looks like @btdotfinance exploited etherscan.io/address/0x358a…

8:53 PM ∙ Feb 8, 2021

---

BT.Finance @btdotfinance

Our withdrawal fee protection reduced the loss of this attack by nearly 140,000 USD, please do not withdraw from ETH/USDC/USDT vault if do not want to realize losses. You can check from our Treasury（multi-sig）and Dev address: etherscan.io/token/0xdac17f… etherscan.io/token/0xa0b869…

BT.Finance @btdotfinance

We hope that the hacker can return the funds for the sound development of our investors and DeFi, and we will use $BT to conduct a thank you bug test https://t.co/owf8HX5I0d

4:00 AM ∙ Feb 9, 2021

---

For the sleuths out there, here are relevant hashes. It appears the hack also interacted with furubombo, which we reviewed recently.

• https://etherscan.io/tx/0x82f95242963ac274d63e78234cb71c156f3135c32037e7e5b4424a6043da2a9a

• https://etherscan.io/tx/0x0a51749d5394d60a67e7c31c345b675781226139e38ed936b41e00e5a9777362

• https://etherscan.io/tx/0x7b88a6983f224d3d42fab1f2d28831ea0ad119b32133d1ea29eab99a5a404a87

• https://etherscan.io/tx/0xa109ecf32bb1a3e29c126a7b52f56a02801c1583fe33e7e003465d3e8676784c

Thankfully, Curve pools yet again remain unharmed:

In fact, quite the opposite. Anybody sitting in Aave pool saw returns that would make Bitcoin blush.

“But wait!” you might ask, “If such major movements, why didn’t volume budge!”

No volume activity, except for people after the event skating to where the puck just was…

Kendrick Llama explains that deposit and withdrawal events are not calculated into trading volume, but there are still fees:

Why the rash of attacks? Coindesk recently released an explainer about Flash Loan attacks:

CoinDesk @CoinDesk

🚨NEW EPISODE: Today we're breaking down the flash loan attacks that rocked the DeFi community last week. Join @johnbiggs and @GamerAndy as we break down the news of the day. ow.ly/vlv250yqMfy

ow.lyThe Flash Loan Attacks Explained (for Everybody) - CoinDeskToday we’re breaking down the flash loan attacks that rocked the DeFi community in a way even your grandpa can understand.

7:25 PM ∙ Feb 19, 2020

---

More generally speaking, our friend and Bitcoin maximalist Dan Held predicted this phenomenon while bashing DeFi during his recent 3-part interview with What Bitcoin Did:

“You’re telling me you’ve solved holy grail problems in finance? Your DEX is going to weather intense volatility? Once, like, the big hedge funds come in, these guys won’t blow your sh*t up to where they find a little fatal flaw and they’re willing to put in $1 billion to get a $3 billion return? Those are the big boy games.”

— Dan Held, “Why Silicon Valley Doesn’t Get Bitcoin” 36’57”

Dan Held @danheld

Check out my latest podcast with @PeterMcCormack! "Why Silicon Valley Doesn’t Get Bitcoin" We discuss: - My experience in SV - What drives Venture capital investment - My experience in SV - How Jack Dorsey’s support for #Bitcoin sent a message to SV

whatbitcoindid.comWhy Silicon Valley Doesn’t Get Bitcoin with Dan Held — What Bitcoin Did<p>Bitcoin & Crypto trading news and strategy</p>

12:10 AM ∙ Feb 6, 2021

---

---

So to recap, we’ve seen two major hacks in DeFi in the past week, and they both actually redounded to the benefit of Curve stakers. Curve really is becoming a critical cog within the DeFi ecosystem. The development team pays a lot of attention to best practices and security, and as a result hackers today are building off of Curve’s infrastructure, rather than exploiting it.

If you expect additional hacks within the DeFi ecosystem and want to profit, you therefore might consider parking into Curve. If you do, first research heavily and make sure to do it the right way:

goodgirlgonecrypto.onlymarketbuy @gggonecrypto

If you are an LP and you don't do LP/lock $CRV on @CurveFinance, you are doing a disservice to the prosperity of your future self net worth lads!

2:09 AM ∙ Feb 9, 2021

---

Of course, with Curve’s rapid rate of launching products, nothing is guaranteed. You can help keep the site resilient by helping find exploits before they become problems. Curve recently upped their bug bounty to a whopping 5.3 BTC:

---

For more info, check our live market data at https://curvemarketcap.com/ or our subscribe to our daily newsletter at https://curve.substack.com/. Nothing in our newsletter can be construed as financial advice. The author performs development work for Curve compensated partly in $CRV, all content is otherwise independent.