BTC dominance: 52.52% • ETH Gas: 13 / 13 / 16
RecentCoin RecentCoin
New coins deployed last 24h: +0
Terra Blockchain Faces $5 Million Hack: Major Exploit Involves ASTRO, USDC, and BTC Thefts

Terra Blockchain Faces $5 Million Hack: Major Exploit Involves ASTRO, USDC, and BTC Thefts

full version at en.coinotag
  • The Terra blockchain experienced a major security breach, resulting in a theft of around $5 million in various cryptocurrencies.
  • The attack exploited an unpatched vulnerability concerning an outdated IBC hooks flaw.
  • According to Beosin, the stolen assets amounted to approximately 60 million ASTRO tokens, 3.5 million USDC, 500,000 USDT, and 2.7 BTC.

The Terra blockchain was exploited, causing significant financial losses and shaking the crypto community. Discover the details behind the attack and the subsequent security measures implemented.

Terra Blockchain Hack: Unpacking the Incident

Terra’s blockchain ecosystem faced a substantial breach when hackers manipulated vulnerabilities within the IBC transfer process. The specific exploit involved a malicious CosmWasm contract that triggered the MsgTimeout within the IBC hook’s OnTimeout callback, leading to the unauthorized minting and off-platform transfer of tokens. The assets stolen included approximately 60 million ASTRO tokens, 3.5 million USDC, 500,000 USDT, and 2.7 BTC. This breach, which exploited a flaw known since April, exposed critical security lapses within Terra’s infrastructure.

Detailed Mechanism Behind the Exploit

The hack was confirmed by security researcher Rarma, who highlighted that the exploit stemmed from an unpatched IBC hooks vulnerability. By deploying a malicious CosmWasm contract and leveraging IBC interactions, the attacker repeatedly triggered the MsgTimeout within the IBC hook’s OnTimeout callback before the packet commitment deletion. On platforms integrating ICS-20 with ibc-hooks, this allowed recursive execution of the OnTimeout callback’s logic within the transfer application, creating conditions for unauthorized fund transfers or unexpected token minting.

The Immediate Response and Mitigation Efforts

In response to the breach, the Terra development team acted swiftly by halting the blockchain to prevent further exploitation. This proactive measure was communicated to the community, ensuring transparency. Approximately four hours after the halt, an emergency patch was deployed to rectify the exploited vulnerability and enhance the blockchain’s defenses. The chain resumed block production shortly thereafter, with validators holding over 67% of the voting power upgrading their nodes to prevent future occurrences.

Impact on Terra and Broader Implications

The successful exploitation and the subsequent emergency measures cast a spotlight on the importance of timely security updates and rigorous smart contract audits within the DeFi ecosystem. The stolen assets, rerouted and swapped for Ether (ETH), underscored the need for continual vigilance and dynamic response strategies to combat sophisticated cyber threats. The overall asset value within Terra didn’t reflect these losses long-term, as the exploited tokens were effectively removed from the platform during the hackers’ exit strategy.

Conclusion

The recent breach of the Terra blockchain serves as a critical reminder of the vulnerabilities inherent in DeFi systems. The attack’s execution through an unpatched IBC hooks flaw and the blockchain’s subsequent swift recovery efforts highlight both the risks and the resilience within the crypto space. Moving forward, consistent security upgrades and robust auditing practices will be imperative to safeguard assets and maintain trust within the blockchain community.

The post Terra Blockchain Faces $5 Million Hack: Major Exploit Involves ASTRO, USDC, and BTC Thefts appeared first on COINOTAG NEWS.

DeBank.com spLP profile by en.coinotag

Recent Crypto News

Cardano Skyrockets 300% in Funds Inflows as Bulls Take Charge
Cardano Skyrockets 300% in Funds Inflows as Bulls Take Charge
Added 43 minutes, 50 seconds ago by en.coinotag
Crypto.com Partners Up With Abu Dhabi Combat Club
Crypto.com Partners Up With Abu Dhabi Combat Club
Added 43 minutes, 51 seconds ago by bitcoinworld.co.in
BitClout Founder Charged With Fraud by SEC and Justice Department
BitClout Founder Charged With Fraud by SEC and Justice Department
Added 43 minutes, 53 seconds ago by bitcoinworld.co.in
Bitcoin Liquidation Set to Surge at $70k Amid Market Volatility
Bitcoin Liquidation Set to Surge at $70k Amid Market Volatility
Added 59 minutes, 3 seconds ago by en.coinotag
Ripple’s Alderoty Criticizes SEC’s U-Turn on Solana and Cardano Security Status in Binance Case
Ripple’s Alderoty Criticizes SEC’s U-Turn on Solana and Cardano Security Status in Binance Case
Added 59 minutes, 5 seconds ago by en.coinotag
XRP Price Surge ‘May be Just Beginning’ After Over 37% Rise in a Month: Analyst
XRP Price Surge ‘May be Just Beginning’ After Over 37% Rise in a Month: Analyst
Added 59 minutes, 6 seconds ago by cryptoglobe

Recent conversions

73.5 ETH to USD 10 ETH to NZD 0.225 ETH to NZD 0.00010000 BTC to AUD 10000 CFA to ETH 0.185 ETH to NZD 0.001 LTC to CAD 0.003 BTC to EUR 5000 NT to CHF 23000 PKR to USD 0.34 BTC to CHF