The hack attack on Meter resulted in the loss of about 1391 ETH ($4.3 million) and 2.74 BTC ($115,000), according to blockchain analytics firm PeckShield.
Meter, a blockchain infrastructure company, said $4.4 million was taken during a hack on the network on Saturday morning about 9 a.m. ET. The company claims to provide an architecture that allows smart contracts to scale and travel across heterogeneous blockchain networks.
The hack had an impact on the Meter community as well as the Moonriver community. PeckShield, a blockchain analysis service, confirmed that 1391 ETH and two.74 BTC were stolen during the attack.
Hack attack with fake BNB and ETH transfers
On Saturday at about 2 p.m. ET, the company announced that it had been compromised and advised clients not to trade unbacked MeterBNB circulating on Moonriver.
“We’ve found the problem: Passport has a feature that automatically wraps and unwraps gas tokens such as ETH and BNB for user convenience.” The contract, on the other hand, did not prevent direct interaction between wrapped ERC20 tokens and the native gas token, nor did it properly transmit and verify the correct number of WETH transferred from the callers’ address. The company stated, “We are working on compensating monies to all affected users.”
Meter said around 6 p.m. that all bridge transactions had been halted due to a flaw “caused in the automatic wrap and wrap of native currencies like BNB and ETH extended by the Meter team.”
According to Meter, the hacker was able to make fake BNB and ETH transfers by “calling the underlying ERC20 deposit function” since the code “had an incorrect trust assumption.”
They’re collaborating with police and say they’ve found “early evidence of the hacker,” pleading with the criminal to return the stolen funds.
Customers that held WETH and BNB, as well as “liquidity providers,” are supposedly being compensated through compensation programs.
“We strongly advise any liquidity providers who supply WETH and BNB liquidity to remove their assets from the pool and wait for a further declaration from the Meter team.” Please try to stay away from these pairings as well,” the company stated.
Blockchain firms at the mercy of hackers
Wormhole, a popular decentralized cross-chain message transfer system, was used to steal $324 million on Wednesday. Researchers identified evidence of an 80,000 ETH move from Wormhole, as well as 40,000 ETH purchased by the hacker on Solana.
They’ve offered the hacker $10 million in exchange for the money, as well as the same amount to anyone who can provide information “leading to the arrest and conviction of individuals responsible for the breach.”
Qubit Finance, a DeFi protocol, turned to Twitter just 5 days before the Wormhole event to request hackers to recover more than $80 million that had been taken from them.
The current intrusions are the latest in a series of attacks against DeFi and blockchain platforms that have occurred in the last year. In 2021, a minimum of $2.2 billion was stolen outright from DeFi protocols, according to Chainalysis.
In August, $611 million was taken from Poly Network’s platform, while Bitmart lost $196 million in early December.