While DeFi is definitely the future of finance, security is unfortunately scarce at the moment. Audits are becoming more and more expensive and many projects are deciding not to do them, putting their own money and that of their users at risk. We recently witnessed two hacks in 10 days against ChainSwap, a DeFi project that lost around 8 million dollars, also causing severe dumps to around 10 tokens!
The first attack occurred on 2 July, causing $800,000 in damage, while the second attack took place over the weekend, bringing the total damage to more than $8 million. ChainSwap representatives warned users from their official Twitter account not to buy any native tokens from the platform these days to avoid greater losses. Less than an hour later, they posted another tweet, notifying users that they had taken a snapshot of the various wallets prior to the hack. They also stated that they would establish a compensation plan for lost tokens.
The attack reportedly affected more than 10 projects. The decentralized oracle Umbrella Network had over 3 million UMB tokens stolen, causing a sudden dump and fear among token holders. Unfortunately, Umbrella is not the only project targeted, as others have also suffered the same fate: Antimatter, Dafi, Blank, Razor and Oro. The hack also affected Option Room, a protocol we have already talked about in the past months. Here the damage is lower, but it is still $550,000 in ROOM tokens. According to their compensation plan, the ChainSwap team, with the help of the police and OKEx, managed to find the attacker’s email address and started negotiations with them. We’ll see how things play out in the coming days.
This attack, like many other hacks on DeFi projects, should serve as a lesson and remind everybody that DeFi protocols are unfortunately still very risky, so it is recommended to always use the top products that have done several Audits such as Compound, Curve, Uniswap, MakerDao and so on. Obviously these projects can also be victims of hacker attacks, but when billions of dollars are at stake, security always comes first.
A similar hack occurred on the DODO exchange a few weeks ago, causing problems for several high quality projects such as wCRES and others, bringing the price of their tokens down to -50%. In such cases, when the hack does not depend on the project itself but on external projects, buying the token in question could be a very good idea. If you know the project well and know that the team is doing their job, in 99% of cases the price will go back to what it was before after the hacker dumps the stolen tokens. So projects like ROOM and UMB were certainly worth buying and the price is confirming this ‘strategy’ since it is already back to pre-hack levels! Take care and happy DeFi to all!