Markets News Report
November 01, 2023

Onyx DeFi Protocol Loses $2.1 Million in Hack Exploiting Rounding Issue

In Brief

DeFi protocol Onyx Protocol suffered a hack, leading to a loss of around US$2.1 million.

DeFi Protocol Onyx Suffers $2.1 Million Hack Due to Exploited Rounding Issue

Decentralized finance (DeFi) protocol Onyx reported a loss of approximately $2.1 million in a recent breach. Security threat monitoring platform Beosin’s EagleEye first highlighted the breach, emphasizing their capability in tracking stolen assets.

The tweet from PeckShield Inc. detailed that the Onyx hack was orchestrated by exploiting a recognized rounding problem prevalent in the CompoundV2 fork. The compromised oPEPE market, set up a mere five days prior to the attack, began with no liquidity.

Malicious actors manipulated this barren market, donating to then borrow funds from more liquid markets. They subsequently claimed the donated funds by manipulating the aforementioned rounding vulnerability. It’s worth noting that a similar flaw was the culprit in a prior hack of #HundredFinance, which experienced a staggering loss of around $7 million.

Blockchain Protocol Security in October

In a broader review of blockchain security, Beosin’s monitoring platform suggests a positive trend for October 2023. Losses stemming from security lapses dipped considerably, dropping by 85.6% in comparison to September’s figures. The month of October saw just over 23 distinct security breaches that cumulatively led to losses approximating $51.61 million.

This sum, while substantial, is attributable to hacker attacks, phishing attempts, and Rug Pulls. Dissecting these figures further, direct attacks were responsible for about $28.33 million, Rug Pull schemes for nearly $12.02 million, and phishing activities accounted for close to $11.26 million.

Among the most alarming breaches in October was a $7 million pilfering from the Fantom Foundation’s wallet, a $6 million unauthorized withdrawal from Coins.ph, a Philippines-centric crypto exchange, and a theft of roughly $4.4 million from the acclaimed password management utility, LastPass.

Each of these infractions were connected to the compromising of private keys. Further adding to October’s list were numerous Rug Pull events, each surpassing the million-dollar threshold. One worth mentioning involved the Web3 game project, FinSoul. The project’s developer, Fintoch, had prior associations with deceitful undertakings.

Disclaimer

In line with the Trust Project guidelines, please note that the information provided on this page is not intended to be and should not be interpreted as legal, tax, investment, financial, or any other form of advice. It is important to only invest what you can afford to lose and to seek independent financial advice if you have any doubts. For further information, we suggest referring to the terms and conditions as well as the help and support pages provided by the issuer or advertiser. MetaversePost is committed to accurate, unbiased reporting, but market conditions are subject to change without notice.

About The Author

Nik is an accomplished analyst and writer at Metaverse Post, specializing in delivering cutting-edge insights into the fast-paced world of technology, with a particular emphasis on AI/ML, XR, VR, on-chain analytics, and blockchain development. His articles engage and inform a diverse audience, helping them stay ahead of the technological curve. Possessing a Master's degree in Economics and Management, Nik has a solid grasp of the nuances of the business world and its intersection with emergent technologies.

More articles
Nik Asti
Nik Asti

Nik is an accomplished analyst and writer at Metaverse Post, specializing in delivering cutting-edge insights into the fast-paced world of technology, with a particular emphasis on AI/ML, XR, VR, on-chain analytics, and blockchain development. His articles engage and inform a diverse audience, helping them stay ahead of the technological curve. Possessing a Master's degree in Economics and Management, Nik has a solid grasp of the nuances of the business world and its intersection with emergent technologies.

Hot Stories
Join Our Newsletter.
Latest News

The Calm Before The Solana Storm: What Charts, Whales, And On-Chain Signals Are Saying Now

Solana has demonstrated strong performance, driven by increasing adoption, institutional interest, and key partnerships, while facing potential ...

Know More

Crypto In April 2025: Key Trends, Shifts, And What Comes Next

In April 2025, the crypto space focused on strengthening core infrastructure, with Ethereum preparing for the Pectra ...

Know More
Read More
Read more
May 2025 in Blockchain: Key Updates and What’s Coming Next
Digest Business Markets Technology
May 2025 in Blockchain: Key Updates and What’s Coming Next
May 30, 2025
May 2025 in Crypto: Projects That Mattered Across Blockchains
Digest Business Markets Technology
May 2025 in Crypto: Projects That Mattered Across Blockchains
May 30, 2025
Crypto Partnerships Power Up: Coinbase, Binance & Bitget Lead the Charge
Digest Business Markets Technology
Crypto Partnerships Power Up: Coinbase, Binance & Bitget Lead the Charge
May 30, 2025
The Next Wave of Crypto: An Exclusive Podcast with Yat Siu
Hack Seasons Interview Business Markets Technology
The Next Wave of Crypto: An Exclusive Podcast with Yat Siu
May 30, 2025