Terra blockchain briefly halted operations on Wednesday
before restarting it, following a $4 million exploit, Coindesk reported. This
abrupt interruption resulted from a reentrancy attack that exploited a known
vulnerability, leading to the theft of the funds in various tokens.
Exploit and Immediate Response
On Wednesday, Terra developers identified an exploit in the
blockchain that led to the theft of substantial assets. The attack targeted a reentrancy vulnerability initially disclosed in April but unfortunately
reappeared in a June update.
The network was forced to halt at block height 11430400 to
implement an emergency patch. The fix was completed at 04:19 UTC to seal the vulnerability.
Terra blockchain was exploited for ~60M $ASTRO, 3.5M $USDC, 500k $USDT, and 2.7 $BTC.The attacker exploited a reentrancy vulnerability in the timeout callback of ibc-hooks. The vulnerability was disclosed in April this year:https://t.co/CY39X28KyE https://t.co/hY9xA40hbJ
— Beosin Alert (@BeosinAlert) July 31, 2024
A statement on social media platform X highlighted that
validators, who control over 67% of the voting power on Terra, upgraded their
nodes to prevent future exploits. Security firm Beosin reported that the stolen
assets included $3.5 million in USDC stablecoin, $500,000 in USDT stablecoin,
2.7 bitcoin (BTC), and over 60 million of Astroport’s ASTRO tokens.
Crypto Prices React
The attack’s repercussions were immediate and severe. ASTRO tokens experienced a 50% drop in CoinMarketCap’s daily chart. Additionally, Terra’s Luna Classic (LUNC) experienced a 1% drop.
Reentrancy is a bug in the blockchain ecosystem that allows attackers to
manipulate a smart contract by making repeated calls to a protocol, thus
enabling them to siphon assets.
Last month, Terraform Labs and its former CEO, Do Kwon, agreed to pay approximately $4.5 billion in recovery and civil penalties to the SEC. The settlement was entered into with the US regulator as specified in a court filing. Additionally, Kwon and Terraform Labs were permanently blocked from purchasing and selling crypto securities, including digital assets in the Terra ecosystem.
In another development, the decision to extradite Do Kwon to either the US or South Korea was referred to the High Court in May after the Court of Appeal of Montenegro was awarded an appeal by the Terraform Labs’ co-founder and his lawyers.
This article was written by Jared Kirui at www.financemagnates.com.