BTC PULSE
  • News
    • Altcoins
    • Blockchain
    • Bitcoin
    • Ethereum
    • NFT
    • Regulation
    • WEB 3.0
  • Price Prediction
  • Learn
  • Events
  • Advertise
No Result
View All Result
Play Now
  • News
    • Altcoins
    • Blockchain
    • Bitcoin
    • Ethereum
    • NFT
    • Regulation
    • WEB 3.0
  • Price Prediction
  • Learn
  • Events
  • Advertise
No Result
View All Result
BTC PULSE
No Result
View All Result
Play Now
Home Blockchain

CertiK Issues Skynet Alert: Era Lend Suffers $3.4 Million Exploit on zkSync

by Dan K
Jul 26, 2023 - 2:00 pm
in Blockchain
Representatives from government, banks, and major firms at HashKey Capital's grand launch in Hong Kong.

CertiK Reports Read-Only Reentrancy Attack on Era Lend

CertiK, a blockchain security company known for identifying vulnerabilities and exploits, has revealed the recent attack on Era Lend as a “read-only reentrancy attack.” This kind of assault disrupts the natural flow of transactions within a smart contract. An attacker interrupts a series of operations, manipulating the contract to continue executing malicious actions without updating its state.

Attack Mechanism Uncovered

According to the report, the attacker drained funds using two separate transactions from the account 0xf1D076c9Be4533086f967e14EE6aFf204D5ECE7a. A vulnerability was discovered in the callback and _updateReserves function of the platform, allowing the attacker to report outdated values.

Era Lend’s Prompt Response and Precautionary Measures

The Era Lend team promptly identified the attack and took immediate steps to safeguard their protocol’s zkSync contracts. They have since released a statement advising users to refrain from depositing the USDC asset for now, as it was the pool targeted by the attacker.

Other Syncswap Projects Could Be Next

As Era Lend is a fork of the Syncswap project, which facilitates easy-to-use decentralized finance (DeFi) and scales Ethereum (ETH), CertiK suggests that other projects using Syncswap might also be targets for similar exploits.

Concluding Remarks

This high-profile exploit of Era Lend on the zkSync platform underscores the urgency and importance of robust security measures within the blockchain and defi space. The incident highlights the sophisticated and evolving tactics employed by malicious actors in this arena, in this case, a read-only reentrancy attack.

Prompt detection and action by the Era Lend team demonstrate their commitment to user safety. Their subsequent precautions, including advising users to refrain from depositing into the affected USDC pool, are prudent steps towards damage control.

However, the threat extends beyond just Era Lend. Other projects using Syncswap could potentially be the next victims. As such, blockchain security companies like CertiK continue to play a crucial role in mitigating these threats, constantly identifying vulnerabilities and issuing alerts. This incident serves as a stark reminder for the defi community to stay vigilant and prioritize security in these fast-evolving digital times.

Tags: BlockchainCertiKHackZkSync
Dan K

Dan K

Dan K, the chief editor, is a visionary wordsmith, shaping narratives with finesse. His discerning eye for detail creates literary masterpieces.

Related Posts

Brad Garlinghouse announcing the update on the Fortress Trust acquisition.

Ripple Abandons Planned Fortress Trust Acquisition Deal

September 29, 2023

Ripple, in a sudden twist, cancels the intended acquisition of Fortress Trust, emphasizing continuous support and investment in...

Kraken logo with stock and ETF graphs in the background, symbolizing their new venture into traditional markets.

Kraken Eyes Traditional Stock Market with 2024 Launch of New Trading Platform

September 28, 2023

Kraken exchange announces the 2024 introduction of Kraken Securities, paving the way for combined stock, crypto, and ETF...

Diagram illustrating the architecture and components of the Hedera network.

Hedera Crypto: Unveiling the Features of the Hedera Network

September 28, 2023

Hedera crypto offers a comprehensive suite of features for developers and users. Discover the ultimate power of Hedera's...

Shanghai cityscape with overlaying blockchain icons representing its commitment to technological growth.

Shanghai Unveils Blueprint to Boost Blockchain Progress by 2025

September 27, 2023

Shanghai announces a comprehensive strategy targeting rapid blockchain evolution by 2025, aligning with China's support for domestic blockchain...

Press Releases

David Ferrucci next to the Elemental Cognition brand emblem.

BM Watson’s Lead Developer Secures $60M for New AI Venture, Elemental Cognition

August 18, 2023

David Ferrucci, has raised a remarkable $60M for his AI startup. The company brings forward two pioneering chatbot solutions designed...

pulse5

Amsterdam Gets with the Dutch Blockchain Days the Biggest Event of the Benelux in the Field of Blockchain, Crypto Currencies, NFTs and Other Web3 Developments

May 8, 2023

Discover the future of blockchain, crypto, NFTs, and Web3 at Dutch Blockchain Days, the largest event in Benelux.

pulse4

Korea Blockchain Week 2023 Set to Push the Boundaries after Record-Breaking 2022 Event

May 8, 2023

Korea Blockchain Week 2023 returns after a highly successful 2022 event, featuring leading experts and the latest trends in blockchain...

pulse3

Istanbul Will Be Hosting Eurasia’s Largest Blockchain Event Once again on May 8–11, 2023

May 8, 2023

Join Eurasia's largest blockchain event, the Blockchain Economy Istanbul Summit, May 8-11, 2023, and discover the future of financial technology.

View All
BTC-Pulse LogoTransparent

© 2023 BTC-PULSE. Disclaimer: The content is for informational purposes only, you should not construe any such information or other material as legal, tax, investment, financial, or other advice.

News

  • Altcoins
  • Bitcoin
  • Ethereum
  • NFT
  • Regulation
  • WEB 3.0

Info

  • Learn
  • Price Prediction
  • Events
  • Press Releases
  • Sitemap

Company

  • About Us
  • Terms of Service
  • Privacy Policy
  • Contact Us
  • Advertise

©2023 BTC-PULSE – All right Reserved.

No Result
View All Result
  • News
    • Altcoins
    • Blockchain
    • Bitcoin
    • Ethereum
    • NFT
    • Regulation
    • WEB 3.0
  • Price Prediction
  • Learn
  • Events
  • Advertise