Concentric’s $1.8M exploiter is tied to OKX and LunaFi incidents, CertiK reports

10 months ago 85
ARTICLE AD

On-chain data shows that the exploiter’s wallets were funded by addresses connected to three notorious security incidents.

Concentric Finance’s exploiter is linked to OKX, UnoRe, and LunaFi’s security incidents, reveals a report published by blockchain security firm CertiK on Jan. 22. The ties were uncovered when CertiK identified a wallet used by Concentric’s exploiter that was funded by addresses tied to OKX and UnoRe attacks.

In a Jan. 22 post on X (formerly Twitter), liquidity manager Concentric warned users to avoid interactions with the protocol after identifying a security incident. CertiK identified a suspicious wallet minting CONE-1 LP tokens and using them to drain liquidity from the pools.

Concentric later confirmed that the breach stemmed from a compromised private key of an admin wallet. The attacker transferred ownership to a wallet addressed as 0x3F06, which then initiated the creation of malicious liquidity pools under their control.

Concentric.Fi’s $1.8M attacker is tied to OKX and LunaFi incidents, reports CertiK

This maneuver allowed the attackers to mint an excessive number of LP tokens and withdraw ERC-20 tokens from the protocol. These tokens were then exchanged for Ethereum (ETH) and dispersed across three wallets, one of which is publicly identified as associated with the OKX exploit in Etherscan.

In a sophisticated chain of transactions, almost $2 million was stolen, ranking this as the ninth-largest attack in crypto this month. Notably, one of the wallets, 0xc62A25462A61f02EBAB35Cd39C5E9651426e760b, was instrumental in redirecting user-approved funds from Concentric contracts, converting them to ETH and transferring them to another wallet, accounting for more than $154,000 of the total stolen funds.

Concentric.Fi’s $1.8M attacker is tied to OKX and LunaFi incidents, reports CertiK

Concentric announced a $100,000 bounty pool for any information leading to the recovery of the funds, and its services are halted for an undetermined period. However, investors are still waiting for information regarding how the protocol will respond to this breach and what measures will be taken to prevent future incidents.

The threat of compromised private keys

In its ‘Hack3d: The Web3 Security Report’ published Jan. 3, CertiK highlights private key compromises as the most profitable method for exploiters. Six of the ten most costly security incidents throughout 2023 were due to private key compromises, with the total amount stolen from Web3 platforms totaling $880.8 million.

Simultaneously, this attack vector was the least used by hackers in 2023, which might serve as an example of how costly these exploits caused by private key compromises could be.

The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.

You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.

See full terms and conditions.

Read Entire Article