dYdX Identifies Hacker in $9M SUSHI and YFI Incident

Bitget App

Trade smarter

Bitget

News

DailyCoin2024/01/08 13:25

By:DailyCoin

dYdX has published a post-mortem report on a recent attack.
The exchange detailed how the attacker manipulated market positions.
The report stated the exchange had uncovered the identity of the attacker.

Decentralized exchange dYdX has issued a post-mortem report identifying the hacker behind a SUSHI and YFI incident it recently experienced on its v3 platform, leading to millions of dollars in losses.

On November 18, dYdX announced that an attacker had used $9 million from its insurance fund “to fill gaps on liquidations processed in the YFI market.” While the exchange stated that no user funds were affected, 40% of the insurance fund was reportedly drained in the attack.

dYdX Issues Post-mortem Report on $9 Million Attack

Per the report , on November 1, dYdX became aware of 132 addresses connected to its v3 platform and linked to a single funding source. The wallets opened highly leveraged SUSHI long positions, significantly increasing open interest in the SUSHI-USDC market.

Although the exchange raised its marginal requirement to 100% to prevent further profitable withdrawals from these trades, the attacker replicated a similar trading pattern in the YFI-USDC market a few days later.

“The attacker appeared to have a clear strategy: build leveraged long positions on dYdX v3 prior to purchasing $SUSHI and $YFI spot. Ultimately, the price moves in $SUSHI and $YFI were possibly due to some combination of an organic price move and the attacker’s coordinated aggressive buying in spot markets,” the report read.

To maximize their gains, the attacker withdrew unrealized profits from their long positions before redepositing these profits in newly connected wallets to expand their long positions. In the long haul, the attacker used a deposit of $16 million to drain $9 million from the insurance fund.

dYdX revealed that it had uncovered the identity of the hacker and that it was in contact with them. Further, the exchange clarified that it was “assessing all legal options” to resolve the matter, including assisting law enforcement in their investigation.

Read how the Orbit cross-chain bride was recently exploited:
Orbit Cross-Chain Bridge Hit for $82 Million

Stay updated on how the Nest Wallet CEO fell victim to a phishing attack:
Nest Wallet CEO Loses $125,000 to LFG Token Phishing Attack

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Locked for new tokens.

APR up to 10%. Always on, always get airdrop.

Lock now!

Share link:In this post: ChatGPT’s head of product, Nick Turley, has been added as a witness for the United States Department of Justice (DOJ) in its antitrust case against Google. Nick Turley is the latest addition to the witness list that features representatives from Perplexity and Microsoft. Google ramps up preparation for Turley’s testimony by asking for documents related to the hearing from OpenAI through a subpoena.

Cryptopolitan•2025/01/18 16:01

SEC charges New York blockchain engineer over GME rug pull fraud

Share link:In this post: Eric Zhu settled SEC fraud claims for orchestrating a rug pull scheme involving Game Coin. Zhu allegedly misappropriated $553K by moving unlocked liquidity provider tokens to his control. The case marks one of SEC Chair Gary Gensler’s final enforcement actions.

Cryptopolitan•2025/01/18 16:01

Ethereum And Solana Investors Are Enticed To FX Guys ($FXG) Amid Impressive Profit Predictions For 2025

Ethnews•2025/01/18 15:55