The blockchain security company mentioned that an arithmetic overflow vulnerability could have contributed to the breach.
According to PeckShield, preliminary research suggests that Poolz Finance has an arithmetic overflow problem. It is a problem of a bigger operation yield vs. the relatively smaller storage system in computer science. PeckShield discovered a repetitive pattern by the same sender for the Token Vesting contract.
According to the source in Solidity,
“Arithmetic operations in Solidity wrap on overflow. This can easily result in bugs, because programmers usually assume that an overflow raises an error, which is the standard behavior in high level programming languages.`SafeMath` restores this intuition by reverting the transaction when an operation overflows.”
Bythos, a blockchain vigilante, was the first to notice and alert PeckShield to the problem.
A cross-chain decentralized IDO platform is Poolz. Because of its infrastructure, cryptocurrency initiatives may receive funding before becoming public. Yet, on the last day alone, the value of its POOLZ coin dropped by nearly 95%.
The price of POOLZ is currently $0.19, which is more than 99% below its all-time high. In April 2021, about two years prior, POOLZ reached its highest price ever at $50.89.
A vulnerability was discovered in the Euler Finance decentralized finance (DeFi) protocol on March 13.
Euler then informed the hacker via an on-chain communication. They said, “If 90% of the funds are not returned within 24 hours, tomorrow we will launch a $1M reward for information that leads to your arrest and return of all funds.”
According to reports, the hackers transferred the money from the protocol to two new accounts. Ethereum and DAI stablecoins were liberally put into the wallets.
A flash loan assault cost Platypus approximately $8.5 million in February. 2022 was the greatest year for hacking, according to research by Chainalysis, with losses of cryptocurrency totaling $3.8 billion. The majority of this cash was generated using DeFi methods.
They are based on a web2 attack pattern, said David Schwed, Chief Operating Officer of blockchain security company Halborn. He stated, “A lot of the hacks that we’re seeing aren’t particularly web3-focused, key exfiltration assaults,” in a talk with Chainalysis. These are classic web2 assaults with web3 repercussions.