blockchainreporter.net
Amid the recent disclosure of an attack on the decentralized exchange Level Finance, new developments from the exploiter have arisen. The attacker has allegedly transferred approximately 3,345 Binance Coins (BNB), valued at around $1 million, to Tornado Cash according to the latest reports.
#PeckShieldAlert @Level__Finance Exploiter transferred 3,345 $BNB (~$1M) to Tornado Cashhttps://t.co/3mck6hrEM0https://t.co/klJaH2Ju8e pic.twitter.com/bpsBfVqz63
— PeckShieldAlert (@PeckShieldAlert) May 29, 2023
The breach came to light as Level Finance conducted a thorough investigation into the incident, uncovering the unauthorized access and subsequent transfer of funds. The exchange promptly took measures to address the security vulnerability and enhance its defenses against similar attacks in the future.
The transfer of funds to Tornado Cash, known for its ability to obfuscate transaction trails, poses challenges for tracking and recovering stolen assets. The initial exploit, which involved the manipulation of the “claim multiple” bug, highlights the complexities associated with security breaches in decentralized ecosystems and serves as a reminder of the importance of robust security measures.
The attack on level finance
Level Finance made the announcement on May 10 that it will be instituting a bug bounty program with prizes of up to $1 million “for critical vulnerabilities.” On the same day, the smart contracts functionality of the DeFi platform was integrated into the Immunefi bug bounty program.
It seems the @Level__Finance's LevelReferralControllerV2 contract has a bug that allows for repeated referral claims from the same epoch. So far 214k LVLs have been drained and swapped into 3,345 BNB (~1M)
— PeckShield Inc. (@peckshield) May 1, 2023
Here is an example hack tx: https://t.co/isqHhzFk1Z https://t.co/ikOWx2ezf6 pic.twitter.com/wlr5bFFf0R
There has been no movement other than the announcement of a bug bounty program, and the firm has not made any formal announcements on any plans to repay the lost funds. This is not the first time that the BSC network has been hacked. The OceanLife (OLIFE) token on the BSC blockchain was also the target of an exploit a month ago, which led to a value reduction of one hundred percent. After breaking into the blockchain-based cryptocurrency company Qubit Finance, which was situated in BSC, a hacker stole BNB worth $80 million in January 2022
The crypto community is closely monitoring the situation, eager for updates from Level Finance regarding the progress of their investigation and the steps taken to address the exploit. This incident serves as a reminder of the ongoing efforts required to ensure the safety of user assets within the crypto industry.
As security remains a paramount concern, this breach highlights the need for continuous improvement in security practices across decentralized exchanges. It serves as a valuable lesson for the industry, emphasizing the importance of proactive measures and the constant adaptation of security systems to protect user funds effectively.