Posted on 07-24-2020.
During the market crash in March, bad actors stole $8.3 million from DeFi protocol Maker DAO. Latest research from analytical company Blocknative suggested that it was made possible by manipulating the Ethereum (ETH) mempool. https://twitter.com/blocknative/status/1286009935390744576 According to the report, the hackers deployed bots to overload the ETH mempool with unusually low-fee transactions. This slowed down transaction confirmation speed and in some cases even resulted in their failure. Ethereum unconfirmed transaction volume chart
“When the price of ETH collapsed on March 12, a large number of CDPs [collateralized debt positions] immediately became undercollateralized and eligible for forcible liquidation. MakerDAO and the Ethereum ecosystem are incentivized to operate various Keeper bots in order to ensure a competitive marketplace for liquidated CDP positions. Such liquidations occur in auctions.”Due to the clogged mempool, owners of collateral could not get their auction bids through.
“One negative consequence of this congestion were 'zero bid auctions' on liquidated MakerDAO CDPs. Of the 3,994 liquidation auctions associated with Black Thursday, 1,462 or 36.6% were won by zero bids. Over a roughly 12 hour period, $8.32 million in aggregated locked CDP value was lost to these zero bid auctions.”Analysts noted that the cybercriminals conducted a test attack on the network on March 8, four days before the Black Thursday. However, they were unable to find any evidence that the hackers were involved in the market crash. Following the hack, the platform users filed a class action lawsuit for $28 million against the Maker Foundation and several affiliated organizations. Follow us on Twitter and Facebook and join our Telegram channel to know what’s up with crypto and why it’s important.