Defi Hack: Neko Network hacked; attackers steal over 2 million in stablecoins

The Defi market is hit with another hack, the blockchain security team, SlowMist announced that the Neko Network is hacked, with over 2 million stolen in Stablecoins. 

Neko Network attacker’s address has obtained 2 million USDT, 390,000 BUSD, and 1 BTCB.

Attackers use PancakeSwap to exchange with BNB

The attackers have used PancakeSwap on the Binance Smart Chain to exchange the stolen stablecoins with BNB. 2,871 BNBs were returned to the network, out of the stolen total of 6390 BNBs. 3,519 BNB remains outstanding; however, the hackers’ intentions do not point towards returning the full amount. The attackers have continued to transfer a scale of 100 BNB at a time, to Tornado Cash, to further mix coins. The hackers’ address had a total of 2020 BNB remaining as of Friday morning.

Attackers find a loophole in Neko’s lending protocol

Hackers found a loophole in Neko Network’s lending protocol on the Binance Smart Chain (BSC). This loophole in the protocol was then used to mortgage assets in the name of the users and the borrowed funds directly sent to the attacker’s address. The asset pools were frozen after the attack was detected to stop the damage.

The Background

The smart contract of neko-core-protocol has never been open-sourced. The Maze team has not yet verified the contract on BscScan. Anyone who wants to proceed the attack above must be fully aware of the leak and holding our ABI. In the other words, the attackers must have access to the code.

▶️ HEADLINES

▶️ SOURCE