QuickSwap Hacked for $220,000: They Intend to Shut Down the Lending Sector

As stated by the exchange, $220,000 was stolen from QuickSwap, a decentralized exchange platform running on the Polygon chain.

As per QuickSwap, Market XYZ  was the sole platform affected by the attack. PeckShield had first connected the hack to Qi DAO, the company behind the miMatic stablecoin. Subsequently, the security and analytics company blamed a QuickSwap vulnerability for the hack.

QuickSwap lend is about to close when the DEX subsequently verified that $220,000 had already been misused through flash loans. On the morning of Monday, an upgrade had been planned, but consumers were forced to wait for information on the problem for about 12 hours.

QuickSwap took to Twitter to announce the following: “We are encouraging users with funds deposited in Market xyz’s open markets on QuickSwap to withdraw them now, as we are in the process of closing them down.”

Referring to the exploit, PeckShield noted that: “It is a price manipulation issue. The miMATIC market uses CurvePoolOracle for price feed, which is manipulated to borrow funds from the market.”

Based on PeckShield’s assessment, it seems the hack exploited price manipulation to borrow money at a premium. After returning the assets to Ethereum (ETH), the exploiter transferred them to Tornado Cash, a mixing provider that was the target of US Treasury penalties a couple of months back. As per QuickSwap, no user holdings were stolen.