Davide
@0xdavide
☠𒄆👾Even though it happened more than 1 month ago, the Social Engineering attack on the Ionic protocol was quite interesting. The attackers used a fraudulent imitation of the Lombard Bitcoin Token (LBTC) on the Mode network as collateral. Thanks to timely intervention, part of the funds were blocked, but the attacker still managed to move part of the loot to the Ethereum network and mix it with Tornado Cash. This story teaches 2 things: 1️⃣ Evolution of these increasingly sophisticated attacks. 2️⃣ The centralized nature of L2 sequencers. ✅Phases of the Exploit: ✦The attacker deploys a fake token (LBTC) on the Mode network. ✦First contacts ✆ between the attacker and the Ionic team, where after weeks of negotiations he convinces the Ionic team to accept the fake LBTC as collateral. ✦ Creation of a pool on Balancer with 400k USD of liquidity and an API3 oracle to give credibility to the token. ✦ Approved on Ionic Mode Main Market (fake LBTC is approved).
2 replies
1 recast
0 reaction
Davide
@0xdavide
✅Implementation of the exploit: ✦The attacker mints 250 LBTC and deposits them as collateral on Ionic. ✦Obtains $12.3 million 💰 in assets with the fake collateral. ✦Deposits the stolen assets into the Layerbank and Ironclad protocols to borrow liquid tokens. ✅Transferring stolen funds: ✦Starts transferring stolen assets from the Mode network to the Ethereum network. ✦Exchanges the assets for ETH and deposits them into Tornado Cash to obfuscate the provenance. ✦In total, transfers 1,303.65 ETH to the Ethereum Mainnet, using Tornado Cash 💱.
0 reply
0 recast
0 reaction
