DeFi protocol bZx attacked once again, lost $8 million

[michellee]

I saw the price of it felt down around 32% yesterday but today seems to be recovering a bit as they tweeted on tweeter that the fond is safe, but its the second time such a thing happen to it ? do they even know how to protect investor's money?!

I guess the down is that that news makes people or investors think that the project can not survive. But if the price can recover and the fond is safe, I think people will put back their trust to that project, but I wonder if people will give a big trust as before because they already saw a problem for that project.
We can hope that the project can protect the investor's money before the other problem happens, so they can at least prepare the project and solve the problem if it's come again.

[minairia3]

Well looks like the attackers will not enjoy the money they stole after they were exposed. Unlucky they fail to withdraw funds in clean manner, these hackers probably only knew how to get in but don’t know how to get out.

There is a reason why they are called hackers. Its imposisble that they cant monetize those money they stolen. There are lots of way on how those people will be seen doing transferring. Bzrx is good platform but with this event occured, Im sure some would panic that their asset werent safe anymore.

[Bttzed03]

Yup. These codes are made by humans, audited by humans, and we all know humans make mistakes.

It's not a reason from "AUDIT Platform" for any kind of business and their service.

They have a service to audit the source code and become the third resource from "non-tech" who doesn't know about programmer and code think and make them secure with the code platform was really safe. Because we have two audit platform who audit the code not only one, and try to accepting the mistake audit because they are human when we have 2 audit platform who make the audit of source code.

If one maybe can accept it, but if more than one still a big question for audit service on how they audit the code.

It shouldn't be use as an excuse, true. My point was to never completely trust the codes and the third party who audits them because it's still prone to human error. It could have been reviewed by three or more and there's still that possibility to miss some codes that can be exploited by hackers.

[bttmember]

This is the failure of not only bzx but also the people who audited it. For most part the project developers are the ones that are mainly responsible. The right thing to do now is to find the bug and fix the responsibility so that nothing like this happens in the future. I hope investor funds will be safe.

[South Park]

A project was built too quickly and did not meet security standards but was still confirmed by 2 audit organizations.
They were attacked three times, previous times with the amount of about 1 million dollars, this time even bigger than that.
A large amount of ICO fundraising is worse than anonymous projects like sushi or spontaneous projects like YFI.

I did not knew their source code was audited and that they received clearance which makes all of this even worse on my eyes after all if those that have the duty to find flaws in the code cannot do it then this mean they are incompetent and we should not trust their judgement because it is even possible they were bribed by the developers to give their OK and to make it seem that everything was OK when it is clear it is not due to the number of successful attacks against this project.

[zasad@]

https://twitter.com/bZxHQ/status/1456603269355094021
"An hour ago it appears that the private key controlling the Polygon and BSC deployments was compromised, leading to loss of funds. The Ethereum deployment is under DAO control and not impacted. We will provide further updates soon."

approval checker
https://etherscan.io/tokenapprovalchecker
https://bscscan.com/tokenapprovalchecker
https://polygonscan.com/tokenapprovalchecker

https://twitter.com/SlowMist_Team/status/1456633190546763779

[Azar138]

This topic is actual again. Three days ago the BZX DeFi protocol has been hacked. The developers of the BZX Defi-lending protocol stated that they had compromised the private key of the project deployment management in the Polygon and Binance Smart Chain (BSC) networks.The audit company SlowMist noticed that 7 wallets have assets worth $ 55 million, which are controlled by hackers.The team added that bZx smart contracts were not compromised.Last year bZx was hacked three times, which led to losses of $ 10 million, the team managed to return $ 8 million.