Hackers Steal Virtual Coins By Exploiting Software Bug

Share post:

MonoX has confirmed a breach in which hackers squandered $31 million in virtual coins by exploiting a flaw in the company’s software used to create smart contracts.

According to MonoX finance, an accounting error gave access to hackers who inflate the price of the blockchain startup’s MONO token and then use it to pay out other deposited tokens.

On MonoX, tokens are exchanged using tokenIn (token sent by a user) and tokenOut (token received by a user). As soon as a token is exchanged, the price of tokenIn decreases while the price of tokenOut increases.

By using the same tokenIn and TokenOut, the attackers could inflate the price of the MONO token, since updating the tokenOut overwrote the price update of the tokenIn.

From there, they exchanged the token for $31 million worth of tokens for both Blockchains Ethereum and Polygon.

The company pointed out that the software conducting trade and is supposed to mark such actions suggests that an error has been exploited.

Blockchain researcher Igor Igamberdiev said the stolen tokens included $18.2 million in Wrapped Ethereum, $10.5 million in MATIC tokens and $2 million worth of WBTC. Others include Wrapped Bitcoin, Chainlink, Unit Protocol, Aavegotchi and Immutable X.

For more information, read the original story in Ars Technica.

Featured Tech Jobs


Related articles

Cyber Security Today, Week in Review for week ending Friday, Feb. 23, 2024

This episode features discussion on the takedown of the LockBit ransomware gang

Breaking news: RCMP facing ‘alarming’ cyber attack

The RCMP is facing a serious cyber attack from an unspecified threat actor. The Mounties told CBC News today that a “breach of this magnitude is alarming.” “The situation is evolving quickly but at this time, there is no impact on RCMP operations and no known threat to the safety and security of Canadians,” a spokesperson

Leaked documents may show the inside of China’s hacking strategy

Documents apparently stolen by disgruntled employees to embarrass their firm may give insight into China's cyber

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways