Davide
@0xdavide
☠𒄆👾Even though it happened more than 1 month ago, the Social Engineering attack on the Ionic protocol was quite interesting. The attackers used a fraudulent imitation of the Lombard Bitcoin Token (LBTC) on the Mode network as collateral. Thanks to timely intervention, part of the funds were blocked, but the attacker still managed to move part of the loot to the Ethereum network and mix it with Tornado Cash. This story teaches 2 things: 1️⃣ Evolution of these increasingly sophisticated attacks. 2️⃣ The centralized nature of L2 sequencers. ✅Phases of the Exploit: ✦The attacker deploys a fake token (LBTC) on the Mode network. ✦First contacts ✆ between the attacker and the Ionic team, where after weeks of negotiations he convinces the Ionic team to accept the fake LBTC as collateral. ✦ Creation of a pool on Balancer with 400k USD of liquidity and an API3 oracle to give credibility to the token. ✦ Approved on Ionic Mode Main Market (fake LBTC is approved).
2 replies
1 recast
0 reaction
Davide
@0xdavide
✅Countermeasures and Defensive Actions: ✦The Ionic team, in collaboration with the Mode chain, freezes the attacker's wallet at the sequencer level. ✦$8.8 million blocked 🔒 on Mode, limiting the actual damage to $3.5 million transferred out. ✦Burning 🔥 and reissuing of assets under attacker control, where the code allows it (Layerbank and Ironclad). ✅Further Leakage: ✦The attacker manages to bypass the block on the Mode blockchain with forced transactions on Layer 1. ✦Transfers another 159 ETH to Ethereum using Tornado Cash 💱.
0 reply
0 recast
0 reaction
