A vulnerability in the Team Finance DeFi protocol resulted in the theft of $15.8 million worth of crypto assets.
1/ @TeamFinance_ was exploited in https://t.co/9s5lLx7EOr, leading to the loss of ~$15.8M for the protocol: $11.5M(V2_USDC_CAW)+$1.7M(V2_USDC_TSUKA)+0.7M(V2_KNDX_WETH)+1.9M(V2_FEG_WETH). @trustswap https://t.co/7r1F0J6ATv
— PeckShield Inc. (@peckshield) October 27, 2022
According to analysis by PeckShield specialists, the attacker exploited a vulnerability in the token migration function. He moved real liquidity from Uniswap V2 to new pairs on the third version of the protocol with a “distorted” price, which returned “huge profits”.
2/ The protocol has a flawed migrate() that is exploited to transfer real UniswapV2 liquidity to an attacker-controlled new V3 pair with skewed price, resulting in huge leftover as the refund for profit. Also, the authorized sender check is bypassed by locking any tokens. pic.twitter.com/G2QVNU7DgU
— PeckShield Inc. (@peckshield) October 27, 2022
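A simplified model of the flaw PeckShield describes, added here as an illustration and not taken from Team Finance's contracts: it shows why depositing V2 liquidity into a V3 pool at a skewed price leaves most of one token as a refund, and the two pre-checks that would reject such a migration. It assumes a full-range V3 position with no fees; `Lock`, `full_range_deposit`, `check_migration` and all numbers are hypothetical.

```python
from dataclasses import dataclass
from math import sqrt

@dataclass
class Lock:            # hypothetical record of a locked LP position
    owner: str
    token: str         # address of the locked LP token

def full_range_deposit(amount0, amount1, pool_price):
    """Amounts a full-range V3 position absorbs at pool_price
    (token1 per token0); whatever is not absorbed is refunded."""
    sp = sqrt(pool_price)
    liquidity = min(amount0 * sp, amount1 / sp)
    used0, used1 = liquidity / sp, liquidity * sp
    return {"used": (used0, used1),
            "refund": (amount0 - used0, amount1 - used1)}

def check_migration(caller, lock, lp_token, v2_reserves, pool_price,
                    max_dev=0.01):
    """Defensive pre-checks before moving locked V2 liquidity to V3."""
    # 1. The caller must own a lock on the LP token being migrated,
    #    not merely a lock on some arbitrary token.
    if lock.owner != caller or lock.token != lp_token:
        raise PermissionError("caller holds no lock on this LP token")
    # 2. The target pool price must match the V2 reserve ratio,
    #    so the deposit cannot strand most of the liquidity as a refund.
    fair = v2_reserves[1] / v2_reserves[0]
    if abs(pool_price - fair) / fair > max_dev:
        raise ValueError("target pool price deviates from V2 reserves")
    return True

# Constructed numbers: a V2 pair holding 1,000,000 token0 and 1,000 token1.
RESERVES = (1_000_000.0, 1_000.0)
FAIR = RESERVES[1] / RESERVES[0]

if __name__ == "__main__":
    for label, price in (("fair", FAIR), ("skewed x10000", FAIR * 10_000)):
        r = full_range_deposit(*RESERVES, price)
        print(label, "-> token0 refunded:", round(r["refund"][0]))
```
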
Stealing the funds cost him only 1.76 ETH, worth ~$2730 at the time of writing. The attacker transferred the money from the automated crypto exchange FixedFloat.
In total he stole:
- ~$15.4 million in Hunters Dream (CAW) tokens;
- ~$1.7M in Dejitaru Tsuka (TSUKA);
- ~$2.6M in WETH.
The Team Finance team has confirmed the theft and stated that the function used by the attacker had been audited.
“We are temporarily suspending all operations through Team Finance until we are confident that the exploit has been fixed. All funds currently in the protocol are not further at risk due to this vulnerability,” the team said.
We have just been alerted of an exploit on Team Finance.
We are currently unsure of the details.
We urge the exploiter to get in contact with us for a bounty payment
We are working to analyze and remedy the situation at this very moment.
More details to follow
— Team Finance (@TeamFinance_) October 27, 2022