Due to a smart contract hack, the Meter Passport token bridge platform has lost $4.4 million, while Hundred Finance has lost $3.3 million due to under-collateralized loans.
The Meter Passport (MTRG) from Meter.io is a token bridge that works with Ethereum and its sidechains. The Moonriver side of the bridge was targeted in this attack.
Moonriver is a smart contract platform built on the Kusama network by Polkadot. Hundred Finance is a cryptocurrency loan platform that is built on the Compound Finance technology.
According to a Feb. 6 announcement from the Meter team, around $4.4 million in Binance Coin (BNB) and wETH were coined through a “wrong trust assumption” in the code starting at 2pm UTC on Feb. 5 and over the course of multiple transactions. In this situation, an arbitrary amount of ETH was placed into Meter, and the hacker leveraged the vulnerability to mint tokens. The attack triggered a chain reaction throughout the Kusama-based Moonriver ecosystem. The attacker sold the BNB on SushiSwap, a popular decentralised exchange, after emptying Meter’s BNB and wETH reserves. This resulted in a 77% drop in BNB prices on Moonriver at the moment.
A handful of shrewd investors took advantage of the price drop by purchasing low-cost BNB. They utilised the tokens as collateral to get ETH, FRAX, and MIM loans via Hundred Finance. However, because of the BNB price disparity, their loans were worth more than the collateral they had supplied, resulting in a supply shortage.
The number of online malicious attacks are increasing day by day. Stay aware and alert.