Select Page

Visor Finance Releases $500,000 DeFi Heist Post Mortem Report

Visor Finance Releases $500,000 DeFi Heist Post Mortem Report
Loading...
This article is added for educational purpose only. All credit goes to the respected author of this article. All In One Crypto App do not hold any liabilities of this article. You can get the source link at the end of the article content.

The latest decentralized finance (DeFi) protocol to suffer at the hands of bad actors is vault management platform Visor Finance.

In an incident report on June 20, the DeFi protocol revealed that an attacker had obtained access to an account that managed some of its admin functions.

DeFi exploits abound

The malicious actor was able to withdraw funds from deposits that were yet to be placed into the liquidity provider positions, it added.  

Visor reported that the amount stolen equated to around 16.7% of its total value locked of $3 million, or around $500,000. It confirmed that the hacker was not a member of the team and therefore lacked a full understanding of its emergency withdrawal safeguards,

“Stolen funds were thus limited to un-positioned assets and thus the $500k number was not arbitrary.”

Visor Finance confirmed that it used its treasury stash to replace what had been stolen before detailing how it happened.

Admin account compromised

Visor Protocol offers something called a Smart Vault which is a non-fungible token (NFT) vault for users to mint and deposit assets into. This is then used to interact with a “Hypervisor” – a smart contract that connects assets in the vault to external DeFi protocols.

It was the Hypervisor that was compromised during the incursion and the team has admitted that it was at fault for having single admin access and not a multi-signature account.

“But with that said, our mistake was not using a multisig account for all admin functions of the Hypervisor. This has since been corrected.”

Visor stated that it was initially designed this way as it was not practical to have multiple signatures for managing frequent rebalancing on multiple pairs every time a rebalance was needed. An emergency withdraw function was implemented to test the Hypervisors pending a protocol audit as a safeguard in case funds needed to be rescued, it added.

The DeFi protocol confirmed that the smart contracts themselves were not exploited and industry standard practices will be employed going forward.

“We realize the importance of permission management and will only adopt industry standards and best practices now and going forward. We recognize this is a particularly complex design space since it is dealing with both active management and safety of funds.”

Last week, DeFi protocol Iron Finance suffered heavy losses due to what it described as a ‘crypto bank run’.

VISR token price tanks

The protocol’s native token tanked 64% at the time of the incident on June 19, plunging from $0.95 to $0.34 according to CoinGecko.

At the time of writing, VISR was trading at $0.51, down 55% on the week and 87% since its May 5 all-time high of $4.11. The total value locked is around $1.2 million according to DeFi Llama, a slump of 66% from its all-time high of $3.5 million on June 17.

The post Visor Finance Releases $500,000 DeFi Heist Post Mortem Report appeared first on BeInCrypto.

 

Source: BeInCrypto

 


All In One Crypto App presents a unique dynamic crypto course that allows you to become a profitable and successful trader. Download Now
Loading...

Don't forget to share your review/suggestions for android app.

All In One Crypto App is an execution-only service provider. The material provided on this website is for information purposes only and should not be understood as an investment advice. Any opinion that may be provided on this page does not constitute a recommendation by All In One Crypto App or its agents. We do not make any representations or warranty on the accuracy or completeness of the information that is provided on this page. If you rely on the information on this page then you do so entirely on your own risk.es here
Loading...

Categories

Select Sub Category
category
61497682e211a
1
1
Loading....

Reviews

All In One Crypto App

Made $234 profit with Free Signals from $50

This is the best useful app on my phone. Started trading with $50 and in 5 weeks I was up to $234 just with the free signals. I will recommend it to any new person that wants to try trading crypto. Link to Review

Asoluka Chimdindu

Free User
All In One Crypto App

Good Support

This app is one of the best for crypto currency trading signal for experts and beginal with free and premier with auto follow trading bot all the signal is excellent with accurate technical analysis and fundamental I really like the way they guide and support. Link to Review

olaplus olaplus

Premium User
All In One Crypto App

Accurate Trading Signals

I was premium member of this channel back in 2018 when there was no app. Thr signals were too good, more than 90% accuracy. Now with this app and newly introduced auto trading bot, it will be awesome. Too the moon. Link to Review

Yogesh Patil

Premium member
All In One Crypto App

Awesome and Accurate Signals

Very glad to use this app. The crypto signals was awesome and accurate with detailed explanation and visual information. The admin also helpful and nice. Link to Review

soon cheong

Free User
All In One Crypto App

User Friendly App

Signals are great. I love it. App also friendly to use… Nice job guys Link to Review

Olawunmi Dilureni

Premium Subscriber

Recent Comments