Smart Contracts Focused Blockchain Infra Service Provider Loses $4.40mln in Cyberattack

Meter, a blockchain framework startup, reported $4.4 million was taken after a breach on the platform on Saturday morning, about 9 a.m. ET. According to the business, it provides an architecture that enables smart contracts to expand and transit across disparate blockchain systems.The breach impacted both the Meter and Moonriver networks. PeckShield, a blockchain research business, revealed that 1391 ETH and 2.74 BTC were taken in the attack. At about 2 p.m. ET on Saturday, the firm announced that it had been compromised and encouraged customers to avoid trading unbacked meterBNB on Moonriver.

“We have detected the problem: Passport has a function that allows users to easily wrap and unwrap gas tokens such as ETH and BNB. Nevertheless, the contract did not prevent direct contact between the wrapped ERC20 tokens and the native gas token, nor did it correctly transmit and validate the right amount of WETH from the callers’ address. The firm said it is now working on reimbursing all impacted users. By 6 p.m., Meter had halted all bridge transactions and determined that the problem was caused by a flaw “created in the automatic wrap and wrap of indigenous tokens such as BNB and ETH enhanced by the Meter team.”

As per Meter, the expanded code had a “mistake in trust” that enabled the hacker to create bogus BNB and ETH remittances by “activating the underlying ERC20 deposit mechanism. They are collaborating with police and claim to have discovered “early evidence of the hacker,” pleading with the perpetrator to refund the stolen funds. According to reports, compensation arrangements are being developed for customers who own WETH and BNB, and also the “providers of liquidity.” We strongly encourage any liquidity providers who offer liquidity using WETH and BNB to withdraw from the pool and await further communication from the Meter team.

Please refrain from dealing in these currency pairings as well,” the company elaborated. A total of $324 million was stolen on Wednesday via the widely used decentralized cross-chain message transmission mechanism, Wormhole. Researchers discovered proof of an 80,000 ETH transaction from Wormhole, and also a hacker selling another 40,000 ETH on Solana.

They have given the hacker $10 million in exchange for the money restoration and the same sum to anybody who can reveal details “resulting in the trial and imprisonment of those liable for the breach.” Five days prior to the Wormhole attack, Qubit Finance, a DeFi protocol, came to Twitter to plead with hackers to recover over $80 million that had been taken from them.

The new intrusions are the latest in a series of assaults against DeFi and blockchain platforms over the past year. Chainalysis stated that in 2021, a minimum of $2.2 billion was directly stolen from DeFi protocols. Poly Network’s platform was robbed of $611 million in August, while Bitmart recorded a loss of $196 million at the start of December.