top of page
PayPal ButtonPayPal Button
PayPal ButtonPayPal Button
PayPal ButtonPayPal Button
PayPal ButtonPayPal Button
  • Writer's pictureKyle

ParaSpace Is Hosting A Twitter Ask Me Anything Tonight At 7 PM EST After An Attempted Hack

Popular Ape staking system, ParaSpace, will be hosting a Twitter “Ask Me Anything” space this evening after a white hat hacker group thwarted an attack on its protocol.


“We'll be hosting an AMA on Twitter Spaces at 7 PM EDT to discuss the recent exploit and address concerns and next steps," Paraspace tweeted this afternoon. “User funds are safe and secure on the platform, and no users will be liquidated as a result of the exploit. We take the security of our users and assets very seriously, and we're committed to maintaining a secure and reliable platform.”





As the Bored Ape Gazette previously reported, ParaSpace says that they lost between 50-150 Eth during the attempted hack this morning “due to slippage from the exploiter swapping between tokens during the exploit.”


ParaSpace said that they will be reimbursing these lost funds back to the protocol in a Twitter post this morning.




This 50-150 Eth loss is small in comparison to the 2,909 Eth or $4.9 million USD that the white hat hacker group, Block Sec, rescued from the would-be thief this morning.


As the Bored Ape Gazette reported earlier today, after an unknown hacker attempted to exploit and Paraspace’s contract three times, Block Sec submitted the same transaction as the would be hacker, but with higher gas fees. As a result, Block Sec was able to remove the 2900 Eth or $4,973,500 USD from the protocol before the hacker could; thus saving the staking system!


“There is a flawed logic in borrow() of the ParaProxy contract (0x638a) of @ParaSpace_NFT," Block Sec tweeted after it saved the funds. “The attacker can borrow more tokens as his scaled Balance will be enlarged by depositing into the position of the proxy (0xC5c9), i.e., specifying the _recipient of depositApeCoin().pecifically, the scaledBalance is calculated with the following formula: sharesAmount.mul(_getTotalPooledApeBalance()).div(totalShares), while _getTotalPooledApeBalance() could be manipulated. In total, there are 6 key attack steps.”





The Bored Ape Gazette will attend ParaSpace’s AMA This evening and will bring you live tweets and updates from the space. Stay tuned for updates!

28 views0 comments

Comentarios


bottom of page