Latest News

DeFi Platform Paid Network suffers $3 Million Attack

DeFi Platform Paid Network suffers $3 Million Attack

Paid Network, a crypto project that employs an Ethereum-based token, has experienced a contract exploit, appearing in the minting of approximately $160 million worth of tokens by the attacker. On Mar. 5, at around 18:10 UTC, an anonymous hacker employed a token minting function and developed over 59.4 million PAID tokens worth $166 million at the attack time. Quickly, the hacker transitioned on to trading the illicitly-created tokens on Uniswap. He triumphantly sold around 2.5 million PAID tokens for almost 2000 ETH, equal to $3 million.

PAID tokens drops after the occurrence of exploit

The flood of new tokens into the market immediately plunged the PAID token price from $2.80 to $0.40. The attacker’s wallet yet has above 57 million PAID tokens worth $37 million. The exploit was conceptually equivalent to an attack on insurance protocol cover in late December last year. In that case, the team took a “snapshot” of holders before the attack and assigned a new token, returning the token supply to pre-exploit levels.

After the exploit, Paid Network has declared that it is pulling liquidity from the vulnerable contract. The team also intends to develop a new smart contract to restore token balances. Paid Network has assured that it will publish a detailed report on the hack soon, in a tweet. The development team has rejected an “inside job,” but critics in the community have speculated that a founder may have carried the attack. To support that blame, they claim that specific addresses can only call some functions. 

Furthermore, Nick Chong of Parafi Capital posted on Twitter that Paid’s deployer contract, an externally controlled account, assigned the deployer’s ownership to the attacker quickly before the mint. It indicates that a team member either rug pulled or errantly enabled the attack to occur with a security error. Additionally, a DeFi risk analysis account @WARONRUGS cautioned of precisely this exploit in late January, writing that the contract owner can devise PAID tokens at any time.

Follow BitcoinWorld for the latest updates.

Crypto products and NFTs are unregulated and can be highly risky. There may be no regulatory recourse for any loss from such transactions. Crypto is not a legal tender and is subject to market risks. Readers are advised to seek expert advice and read offer document(s) along with related important literature on the subject carefully before making any kind of investment whatsoever. Crypto market predictions are speculative and any investment made shall be at the sole cost and risk of the readers.