One of the leading players in the decentralized finance (DeFi) industry, Zunami Protocol, experienced a serious setback when a security breach led to the loss of more than $2.1 million.
Attackers targeted the platform’s Curve Finance-hosted liquidity pool, which was revealed by blockchain security companies PeckShield and Ironblocks.
Exactly how the Zunami hack was executed
The Zunami Protocol permits decentralized alternative (DEX) enterprises for stablecoins throughout the Ethereum ecosystem. It is mostly run by the “zStables” pool in the Curve community. The protocol aims to lessen the risk associated with any one stablecoin’s eventual collapse by allowing users to diversify their stablecoin holdings. According to Ironblocks, the assault was started by the attacker using a flash mortgage from the “balancer.”
By injecting liquidity into the system through this mortgage, the hacker(s) were able to drastically alter the value. The attacker then continued to use the freshly acquired liquidity to conduct business on the alternative. They then altered the value once more, withdrew the money, and paid back the flash loan, pocketing a profit of 1,152 ether (ETH) in the process.
Effect on native Zunami property
The hack has a substantial effect on Zunami’s native property costs. The Zunami USD stablecoin (UZD) first experienced a drop of over 98%. Second, the Zunami Ether (zETH) fell by more than 85% and ended up at $278.
The fact that the stolen money was channeled through Twister Money, a contentious crypto-mixing service platform, further complicates the breach.