Davide pfp
Davide
@0xdavide
☠𒄆👾Even though it happened more than 1 month ago, the Social Engineering attack on the Ionic protocol was quite interesting. The attackers used a fraudulent imitation of the Lombard Bitcoin Token (LBTC) on the Mode network as collateral. Thanks to timely intervention, part of the funds were blocked, but the attacker still managed to move part of the loot to the Ethereum network and mix it with Tornado Cash. This story teaches 2 things: 1️⃣ Evolution of these increasingly sophisticated attacks. 2️⃣ The centralized nature of L2 sequencers. ✅Phases of the Exploit: ✦The attacker deploys a fake token (LBTC) on the Mode network. ✦First contacts ✆ between the attacker and the Ionic team, where after weeks of negotiations he convinces the Ionic team to accept the fake LBTC as collateral. ✦ Creation of a pool on Balancer with 400k USD of liquidity and an API3 oracle to give credibility to the token. ✦ Approved on Ionic Mode Main Market (fake LBTC is approved).
2 replies
1 recast
0 reaction
Davide pfp
Davide
@0xdavide
✅Implementation of the exploit: ✦The attacker mints 250 LBTC and deposits them as collateral on Ionic. ✦Obtains $12.3 million 💰 in assets with the fake collateral. ✦Deposits the stolen assets into the Layerbank and Ironclad protocols to borrow liquid tokens. ✅Transferring stolen funds: ✦Starts transferring stolen assets from the Mode network to the Ethereum network. ✦Exchanges the assets for ETH and deposits them into Tornado Cash to obfuscate the provenance. ✦In total, transfers 1,303.65 ETH to the Ethereum Mainnet, using Tornado Cash 💱.
0 reply
0 recast
0 reaction
Davide pfp
Davide
@0xdavide
✅Countermeasures and Defensive Actions: ✦The Ionic team, in collaboration with the Mode chain, freezes the attacker's wallet at the sequencer level. ✦$8.8 million blocked 🔒 on Mode, limiting the actual damage to $3.5 million transferred out. ✦Burning 🔥 and reissuing of assets under attacker control, where the code allows it (Layerbank and Ironclad). ✅Further Leakage: ✦The attacker manages to bypass the block on the Mode blockchain with forced transactions on Layer 1. ✦Transfers another 159 ETH to Ethereum using Tornado Cash 💱.
0 reply
0 recast
0 reaction