Astroport

April

Terra

USDC

Security

The Terra blockchain has recently&nbsp;<a style="text-decoration:none" href="https://x.com/CyversAlerts/status/1818550103000383984">suffered</a> a major security breach, leading to the unauthorized access and theft of millions of tokens.&nbsp;
The breach targeted a vulnerability within a third-party module known as IBC hooks, a critical component that facilitates cross-chain contract calls and token movements. This exploit allowed hackers to transfer assets, including USDC stablecoin and Astroport tokens, without authorization.
<h2 dir="ltr" id="span-span-initial-estimates-of-impact-span-span">Initial Estimates of Impact</h2>
According to Cyvers Alerts, hackers have stolen 60 million ASTRO, 3.5 million USDC, 500,000 USDT, and 2.7 Bitcoin from the Terra blockchain. The total amount of reported losses has reached roughly $6.8 million.&nbsp;
<div>
 <blockquote class="twitter-tweet">
 🚨ALERT🚨<a href="https://twitter.com/terra_money?ref_src=twsrc%5Etfw">@terra_money</a> was exploited, resulting in the theft of approximately 60M <a href="https://twitter.com/search?q=%24ASTRO&amp;src=ctag&amp;ref_src=twsrc%5Etfw">$ASTRO</a>, 3.5M <a href="https://twitter.com/search?q=%24USDC&amp;src=ctag&amp;ref_src=twsrc%5Etfw">$USDC</a>, 500K <a href="https://twitter.com/search?q=%24USDT&amp;src=ctag&amp;ref_src=twsrc%5Etfw">$USDT</a>, and 2.7 <a href="https://twitter.com/search?q=%24BTC&amp;src=ctag&amp;ref_src=twsrc%5Etfw">$BTC</a>. The attacker took advantage of a reentrancy vulnerability in the timeout callback of ibc-hooks. This vulnerability was revealed in April of this year.… <a href="https://t.co/56oTpg78Cv">https://t.co/56oTpg78Cv</a>— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) <a href="https://twitter.com/CyversAlerts/status/1818550103000383984?ref_src=twsrc%5Etfw">July 31, 2024</a>
 </blockquote> 
</div>
The vulnerability in the network’s timeout callback of IBC hooks allowed attackers to execute transactions repetitively, resulting in significant losses and potentially minting extra tokens.
&nbsp;
Cyvers Alerts noted that this vulnerability was revealed in April of this year. However, Terra's recent upgrade in June failed to include the critical patch that had been implemented across the broader Cosmos ecosystem. This oversight left the platform exposed and paved the way for the exploit.
&nbsp;
In response to the breach, Terra&nbsp;<a style="text-decoration:none" href="https://x.com/terra_money/status/1818498438759411964">halted</a> the network to apply an emergency patch. This measure aimed to prevent further unauthorized transactions and secure the platform from additional theft. Terra has been coordinating closely with its validators to implement the patch and remediate the suspected exploit.
&nbsp;
<blockquote>
 “We will be working with the validators on Terra to apply an emergency patch thereafter to remediate a suspected exploit,” Terra stated in their official announcement.
</blockquote>

Terra Blockchain Faces Security Exploit; $6.8M Worth of Tokens Impacted

Table of Contents

BSCN

Other articles published on Aug 9, 2024

Failed FTX exchange to distribute $12.7B in settlement with CFTC

MetaMask Adds 2FA With MultiversX Snap Integration

Activity in FTX Wallets Preparing for Refund! They Will Sell This Altcoin for the First Time!

Bitcoin ETF Funds Achieve Significant Gains in US Markets

Bitcoin Surges as Bulls Regain Control

Legendary Trader Peter Brandt Makes 'Full Disclosure' on ETH

Join our free newsletter for daily crypto updates!