$90 Million Hack of Terra’s Mirror Protocol Went Unnoticed for Seven Months

The frequency of DeFi hacks has made them second place in the cryptoverse. However, what is uncommon is a DeFi protocol exploits of up to $90 million going unnoticed for seven months – that is the story of Mirror Protocol.

by .
Published:
Google News Follow Button

The frequency of DeFi hacks has made them almost commonplace in the cryptoverse. However, what is certainly unusual is DeFi protocol exploits worth $90 million going unnoticed for seven months – and yet, that is the story of Mirror Protocol.

$90 Million Hack Goes Unnoticed for Seven Months

Mirror Protocol is a decentralized application on the Terra chain that allows for the creation of digital synthetics which track the price of real-world assets.

On May 17th, community members discovered a bug in the Mirror Protocol’s code that allowed a hacker to gradually siphon as much as $90 million, starting from October 8th, 2021. 

Sponsored

According to a user under the alias of “FatMan, the bug allowed the hacker to unlock other users’ collateral on Mirror Protocol, and withdraw it for themselves. 

The bug in Mirror’s code has been exploited “hundreds of times” since 2021, allowing the hacker to suck $89,706,164.03 out from the protocol. 

On-chain data indeed confirms that the hacker unlocked UST funds in the Mirror protocol multiple within the same transaction, paying only about $17.54 to do so.

Mirror Protocol Suffers Another Hack

Just days after the discovery, the DeFi protocol suffered a further attack on May 30th.

Sponsored

According to reports, the latest hack was caused by an error in the configuration of its price oracles, leading to the attacker taking advantage of a mismatched price between the old LUNC token, and the new LUNA token. 

The attack was made possible due to the fact that the Terra nodes were running on outdated oracle software. According to the Chainlink community member who spotted the attack, the hacker drained upwards of $2 million from the protocol.

On the Flipside

  • The bug was quietly fixed by Mirror Protocol developers on May 9th, without any official communication to the community that the code had been exploited. 

Why You Should Care

While this is certainly not the first DeFi exploit in history, it is by far the longest it has taken for one to be reported. The pressure continues to pile on for Terra.

To get a grasp of how DeFi works, read:

Introduction to Decentralized Finance (DeFi): A Comprehensive Guide

To find out how Terra is performing, check out:

Terra (LUNA) Tanks 70% Just Hours After the Terra 2.0 Mainnet Goes Live

DailyCoin Newsletter

The hottest crypto news, straight to your inbox!

newsletter icon

Get a daily dose of crypto stories in a quick read with a tongue-in-cheek twist! Suitable for everyone, from crypto newbs to battle-tested veterans.

      You can easily unsubscribe at any time. Spoiler Alert: You won’t want to!

      This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

      Tags
      Author
      Milko Trajcevski
      Milko Trajcevski

      Milko Trajcevski is a DailyCoin news reporter, mainly focused on Ethereum (ETH), Cardano (ADA), and their founders (Vitalik Buterin and Charles Hoskinson). Milko is an avid follower of crypto and blockchain technology and has written thousands of articles on the subjects. He finds joy in transforming complex issues into written content that anyone can understand. Milko has used and analyzed numerous exchanges, such as Coinbase, FTX, and Binance. He also closely follows all of the latest news around the largest decentralized exchanges (DEXs). Location: Skopje, Macedonia