CryptoPotato
CryptoPotato
  • Crypto News
  • Margin Trading
  • Guides
    • Bitcoin & Crypto Guides 101
    • Bitcoin For Beginners
    • Editorials
  • Fund
  • Buy
  • Language
  • Crypto News
  • Bitcoin For Beginners
  • Cryptocurrency Guides 101
  • Editorials
  • Bitcoin & Crypto Margin Trading
  • Bitcoin Price Analysis
  • CryptoPotato Crypto Fund
  • Ethereum (ETH) Price Analysis
  • Ripple (XRP) Price Analysis
  • Market Updates
  • Interviews
  • Buy Bitcoin with Card
  • bitcoin
    BTC$31,432.00
  • ethereum
    ETH$1,165.26
    • Market Updates
    • BTC Analysis
    • ETH Analysis
    • XRP Analysis
    • Interviews
    Home » Crypto News » Hacker Steals $20 Million From DeFi Protocol Pickle Finance

    Hacker Steals $20 Million From DeFi Protocol Pickle Finance

    Author: Felix Mollen

    Last Updated Nov 22, 2020 @ 04:10

    Complex, well studied and not easy. That’s how an expert described the $20 Million hack to DeFi protocol “Pickle Finance”.

    Another day, another DeFi hack. Pickle Finance just announced that funds deposited in one of its smart contracts were stolen by a hacker hours ago.

    The team is still investigating how exactly the hacker stole approximately $20 million in funds. Their wallet is still “dormant” and has not started the “money laundering” phase that tends to follow every hack.

    And if a hack was not enough, Pickle Finance’s token (PICKLE) crashed after the news spread, losing almost 58% in a matter of hours.

    Pickle Finance crashed after the hack. Image: Coingecko
    Pickle Finance crashed after the hack. Image: Coingecko

    The Pickle Finance DeFi Hack Was “Well Studied, and Not Easy”

    Whoever attacked the protocol stole the funds from Pickle Finance’s DAI PickleJar -or pJar. This Jar contained cDAI tokens issued by Compound when Pickle Finance deposited DAI in that protocol.

    Pickle Finance focused on providing an automatic solution for moving funds between various DeFi protocols in order to maximize profits. Hence, they required depositing funds in Compound as a kind of “common ground” for trading and arbitration.

    The attack on Pickle Finance is not following the flash loan M.O that hackers seem to be using to exploit vulnerabilities in most of the DeFi protocols. In this case, the hacker created a malicious contract and used it to interact with legitimate contracts.

    Emiliano Bonassi, the co-founder of DeFi Italia, described an approximation of whow the hacker managed to steal the $20 million. In short, the attacker created “bad jars,” —contracts with a similar interface to the “good jars” but programmed differently. The attacker then exchanged funds between his “bad jar” and the real cDAI Jar, taking the $20 million in deposits.

    Evil jars deployed during the attack and passed in the swapExactJarForJar, investigating more on thishttps://t.co/szRloiecV8https://t.co/l2xT4zhQB1

    The are sensible ops executed in that method (e.g. approve, withdraw etc). pic.twitter.com/29RNkF4vJb

    — Emiliano Bonassi | emiliano.eth (@emilianobonassi) November 21, 2020

    The process, says Bonassi, was extremely complex,”well studied, and not easy.” However, even he finds it curious that the hacker didn’t rely on flash loans.

    DeFi is Great… DeFi Hacks, Not So Much

    The recent wave of DeFi hacks may be a sign of how immature the ecosystem is and why some argue that, right now, DeFi is in no way competition for the more secure and stable traditional centralized finance protocols.

    The most recent cases of attacked protocols are Value DeFi, Harvest Finance, Akropolis, and Balancer. All of them have caused millions of dollars in losses to investors, many of whom had no chances to get their money back due to the projects’ decentralized nature.

    However, as hacks become more popular, the quality of DeFi protocols —and the number of new products— improves. In a way, trying to get a positive spin on something that hardly has one, the pain caused by the hacks has helped strengthen the DeFi protocols. One example is Value Defi, which abandoned its private oracle and started using Chainlink after a millionaire hack.

    Perhaps in the future, hacks will become less frequent, but just as the DeFi phenomenon resembles the ICO hype of 2017, the hacks of 2020 will continue to resemble the exit scams of three years ago.

    Enjoy reading? Please share:
    Facebook Twitter LinkedIn Telegram
    SPECIAL OFFER (Sponsored)
    Binance Futures 50 USDT FREE Voucher: Use this link to register & get 10% off fees and 50 USDT when trading 500 USDT (limited offer).

    PrimeXBT Special Offer: Use this link to register & enter CRYPTOPOTATO35 code to get 35% free bonus on any deposit up to 1 BTC.

    You Might Also Like:

    • Everything You Need to Know About the Yearn Finance Projects
    • DeFiRisks
      DeFi Pulse Launches A Risk Assessment Tool: Aave And Compound Graded As Very Safe
    • DeFiExplosion
      Top DeFi Tokens Explode as TVL Nears $14 Billion
    Read more on: Altcoins Compound DeFi Hacking

    About The Author

    Felix Mollen View more posts by this author

    Felix got into Bitcoin back in 2014, but his interest quickly expanded to everything blockchain-related. He's particularly excited about real-world applications of blockchain technology. Having worked as a professional content writer for three years before that, Felix transitioned to working on blockchain-centered projects and hasn't looked back ever since.

  • bitcoin
    BTC$31,432.00
  • ethereum
    ETH$1,165.26
  • Join Our Community

    FacebookTwitter YouTubeTelegram


    ADVERTISEMENT
    binance
    ADVERTISEMENT
    bitmart
    Bitcoin Editorials
    Ethereum 2.0 Staking on Exchange vs. Creating Your Node: What You Need to Know

    Ethereum 2.0 Staking on Exchange vs. Creating Your Node: What You Need to Know

    5 Possible Reasons For Bitcoin’s Price Surge Over $30,000

    5 Possible Reasons For Bitcoin’s Price Surge Over $30,000

    2020 Year In Review: Bitcoin’s Journey From $3800 To Nearly $30K

    2020 Year In Review: Bitcoin’s Journey From $3800 To Nearly $30K

    6 Reasons For The Ongoing Bitcoin Bull-Run Beyond $20K

    6 Reasons For The Ongoing Bitcoin Bull-Run Beyond $20K

    Is Blockchain The Answer To COVID-19 Led Misinformation and Rumor Mongering?

    Is Blockchain The Answer To COVID-19 Led Misinformation and Rumor Mongering?

    Join Our Newsletter
    Become a CryptoPotato VIP
    One Weekly Email Can Change Your Crypto Life.
    Sign-up FREE to receive our extended weekly market update and coin analysis report
    We NEVER send spam. You can unsubscribe at any time.
    Invalid email address
    Thanks for subscribing!
    About
    Advertise on CryptoPotato
    About Us | Contact Us

    Terms of service | Privacy Policy | GDPR
    More Sections
    IEO List | Evaluations
    Airdrops
    Scholarship
    Cannabis Stocks News | Market Analysis
    Disclaimer
    Disclaimer: Information found on CryptoPotato is those of writers quoted. It does not represent the opinions of CryptoPotato on whether to buy, sell, or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk. Full disclaimer
    © Copyright CryptoPotato 2016 - 2021
    Scroll to top
    One Weekly Email Can Change Your Crypto Life.

    Sign-up FREE to receive our extended weekly market update and coin analysis report

    We never send SPAM. You can unsubscribe at any moment
    Invalid email address
    Thanks for subscribing!