The decentralized protocol OnyxDAO experienced a significant security breach, resulting in a loss of $3.2 million from users’ wallets. This incident has raised awareness among users about the persistent risk of hacking, particularly in light of the increasing number of attacks on the cryptocurrency market. Each year, hundreds of cryptocurrency protocols and thousands of users fall victim to hacking, accumulating total losses in the billions.
Details of the OnyxDAO Hack Incident
OnyxDAO faced a loss of $3.2 million due to a security breach detected by PeckShield. On-chain data indicates that the attackers possessed a significant amount of VUSD and transferred funds across various platforms. Currently, the attacker holds approximately 521 ETH.
“It seems that today’s victim is OnyxDAO (> $3.8 million loss). They fell victim to a known vulnerability in the forked CompoundV2 codebase. The stolen assets include 4.1 million VUSD, 7.35 million XCN, 5,000 DAI, 0.23 WBTC, and 50,000 USDT.”
The incident with OnyxDAO stemmed from a vulnerability in the CompoundV2 codebase, which was exploited to manipulate exchange rates and result in fund loss. This highlights the ongoing reluctance of decentralized protocols to conduct thorough code audits. The failure to check a previously identified vulnerability in the forked protocol is a significant oversight. Protocol developers and team leaders often avoid necessary tests and audits due to the high costs, ultimately leaving users to bear the much greater expenses incurred from such breaches.
Rising Security Threats in the Crypto Market
Phishing attacks and bridge hacks are among the common methods used, while other platforms continue to face varying degrees of security breaches. Recently, platforms like Ethena Labs had to suspend operations due to attacks targeting their internet domain.
Similar attacks to the OnyxDAO incident have intensified regulators’ anger towards the cryptocurrency market. However, there have been no concrete steps taken regarding mandatory penetration testing by regulators. If the SEC had pushed protocols and exchanges to identify security vulnerabilities, many billions of dollars in losses could have been prevented for investors.
In this context, enhancing security measures in the crypto market and implementing balanced regulatory efforts will be crucial to preventing similar incidents in the future.
