Crypto exploits have accelerated during the bear market. In the latest hack on Tuesday, October 12th, TempleDAO, an Ethereum-based decentralized finance (DeFi) yield-farming protocol, lost an approximate $2.34 million.
The exploit was confirmed by blockchain security companies BlockSec and PeckShield, who explained that the root cause of the hack was “insufficient access to control to the migrateStake function”.
PeckShield revealed that the attacker converted all of the stolen funds, which were mostly denominated in TEMPLE and FRAX, into ETH through Stax Finance, a TempleDAO dApp that has since suspended its operations temporarily. The stolen funds now sit in a new wallet that was previously funded through Binance.
Stax has stated that it is working with Binance to set up a white hat bounty in case the hacker “chooses to return [the] funds and receive a legal bounty”.
Prior to the exploit, the total value locked in the TempleDAO protocol measured to around $57 million, according to DeFiLlama. The attack resulted in the loss of approximately 4% of the protocol’s assets.