The DeFi protocol called Grim Finance was bypassed and exploited to snatch $30M worth of cryptocurrency.
Based on the report by Grim Finance, it was subject to an advanced attack via a malicious token contract which let the hacker break into the platform's vault strategy. More specifically, the exploit allowed the user to make additional fake deposits while the website was only processing the first one.
This caused the platform’s vault strategy to break down, which resulted in it being vulnerable to unregulated withdrawals from wallets of other users.
Did you know?
Want to get smarter & wealthier with crypto?
Subscribe - We publish new crypto explainer videos every week!
What is an Automated Market Maker in Crypto? (Animated)
As a result, Grim Finance halted all procedures to reduce any potential losses and advised users to withdraw as fast as possible. They were deeply apologetic about the situation and received support from other blockchain projects.
However, some criticized Grim Finance's inability to secure their platform, stating that it was mandatory to implement a security measure beforehand to prevent abuse of the vaults pattern.
In the course of these events, Grim Finance contacted some top players in the crypto environment, including Circle and AnySwap (now Multichain), and passed on the hacker’s information, so they could block access to any further transactions from the address.
Also, this caused Grim Finance’s token (GRIM) to plummet almost 80% since the attack, which led the cryptocurrency back to its starting point in terms of price (currently at $0,27 for 1 GRIM token).