The attacker uses the Rounding bug to steal $20.1 million from the Onyx protocol.

The attacker uses the Rounding bug to steal $20.1 million from the Onyx protocol.

A security breach has resulted in the loss of cryptocurrency assets valued at over $2 million for the DeFi project Onyx Protocol.

The attacker took advantage of a rounding bug in the Onyx Protocol, according to a recent post by blockchain security company Polyzoa, to steal $2.11 million in cryptocurrency from the network.

The post stated that the attacker took advantage of this weakness to steal $2.1 million from the oPEPE market, which had only been launched five days earlier and had no liquidity.

An apparently harmless small donation to the oPEPE market was made by the attacker to kick off their scheme and carry out the exploit.

This made it possible for them to borrow a sizeable sum of money from other markets with plenty of liquidity. Collateral for the loan process was provided by the donated funds.

The attacker then repaid the loans, profiting from the rounding error. ".

It is noteworthy that the exploit used in the Hundred Finance hack and this attack are similar.

That was an example of an attacker manipulating interest rates in order to borrow more money than they had planned to, thus accomplishing their malicious goals.

Technology company Onyx Protocol, founded on the blockchain, says it can offer a more sensible economic model.

In order to support Web3 services and financial products, the project builds cloud infrastructure and cryptographic ledgers.

The attack has not yet been handled by Onyx Protocol.

To steal $2.1M, an attacker took advantage of a known rounding vulnerability in the Onyx Protocol. A well-known rounding bug in the well-liked CompoundV2 fork led to the Onyx Protocol hack. This vulnerability was exploited by the attacker, who took $2.1 million from the oPEPE market, which had only recently been launched. — Polyzoa (@Polyzoa_xyz) November 1, 2023.

Players in the Crypto Space Unite to Fight Scams.

A new feature aimed at enhancing user security has just been unveiled by MetaMask in collaboration with security company Blockaid, according to an announcement made yesterday.

Currently, users of MetaMask desktop can choose to add the Privacy Preserving Offline Module (PPOM) and enable the MetaMask experimental setting in order to enable the new security feature.

PPOM is an offline security engine created by MetaMask that, prior to signing documents, simulates and verifies transactions.

This is accomplished by using node RPC communication requests to a node provider that has been configured, guaranteeing that no private information is transmitted to outside servers.

As part of yet another effort to combat miscreants, a U. S. -led coalition made up of forty nations has promised to never give ransom to cybercriminals.

The International Counter Ransomware Initiative aims to shut down the source of funding for cybercriminals.

With 46% of ransomware attacks occurring in the US, the country is the most affected globally. The decision was made in light of this growing trend.

In Q3 2023, there were 76 hacks on crypto and Web3 projects and firms, according to a report by blockchain security platform Immunefi. This is a significant increase over the 30 hacks reported during the same period in 2022.

September was a record-breaking month for cryptocurrency exploits, with an estimated $332 million lost to various hacks, scams, and exploits.

.