FinneysTrueVision (OP)
|
|
October 26, 2020, 05:56:28 AM |
|
An exploit in DeFi protocol Harvest Finance has caused over $25 million in funds to be stolen. Most of these funds have been traded for renBTC and mixed through Tornado Cash. The protocols native token FARM has fallen 65% in value. It's possible that this could be an exit scam since Harvest Finance's anonymous devs supposedly have an admin key that can drain the protocol's contract. https://www.coindesk.com/defi-platform-harvest-finance-exploit
|
|
|
|
unusualfacts30
|
|
October 26, 2020, 06:08:03 AM |
|
Lets not come to any conclusion so quickly but this quote from the article sounds very suspicious. The attack comes after DeFi analyst Chris Blec claimed Harvest Finance’s administrators held an “admin key that can drain funds” locked in the protocol’s contracts. Only people who carry the load of this would be investors. so sad.
|
|
|
|
Nalbo
|
|
October 26, 2020, 06:23:37 AM |
|
It comes as no surprise for most of us. Though DEFI are a good option, there's no market large enough to sustain a lot of them and it's still would be difficult for good ones to bring insanely large profits as the DEFI are generally characterized by lower fees. When people are here for overnight money doubling, it's possible only when you are scamming your own customers and investors.
|
|
|
|
Anarchy101
Legendary
Offline
Activity: 1316
Merit: 1004
|
|
October 26, 2020, 06:34:27 AM |
|
If I am not mistaken KAVA protocol too had a side-project called HARVEST, right? is it the same project or a different one? These anonymous devs and their unaudited contracts are getting worst each day.
|
|
|
|
tsaroz
Legendary
Offline
Activity: 3080
Merit: 1069
Vave.com - Crypto Casino
|
|
October 26, 2020, 06:46:12 AM |
|
The team is giving out more and more info and I guess it was not from an insider. They claim it were from an exploit that was done "by manipulating stablecoin prices on Curve Finance, another DeFi protocol that Harvest Finance contracts interact with." They have pointed out some addresses on twitter who were involved in casing out the coins and have asked help from prominent exchanges to track and prevent coins of those address being converted or withdrawn to other coins. Source: https://twitter.com/harvest_finance
|
|
|
|
RussianEnglishTranslation
Jr. Member
Offline
Activity: 840
Merit: 6
|
|
October 26, 2020, 07:52:34 AM |
|
Harvest Finance is currently under a FUD attack by that Twitter personality Chris, fudders on 4chan, Discord, Telegram, and other social media pages. A paid group began actively targeting the project after it reached 1 billion USD in managed funds. Many suspect the hack and paid fudders come from CZ or FTX as they have competing projects and FARM was growing too quickly for their liking. I've been in crypto long enough to see what is happening and bought the dip at 80usd. The price is now well over 100usd and I've done quite nicely.
|
|
|
|
cryptoaddictchie
Legendary
Online
Activity: 2212
Merit: 1340
Fully Regulated Crypto Casino
|
|
October 26, 2020, 08:19:41 AM |
|
It's possible that this could be an exit scam since Harvest Finance's anonymous devs supposedly have an admin key that can drain the protocol's contract
That's the thing having an anon dev. No matter we secured the project the outcome can be like this. Im sure no one is blaming them, but we dont know if this an internal planned exit or what. Who would know even the article could be also misleading or a form of diversion. Im not saying they are the culprit, just viewing a possible scenario that this might actually happened since it has been pulling of with a lot of projects in the past. Like cbdao and many more.
|
| CHIPS.GG | | | ▄▄███████▄▄ ▄████▀▀▀▀▀▀▀████▄ ▄███▀░▄░▀▀▀▀▀░▄░▀███▄ ▄███░▄▀░░░░░░░░░▀▄░███▄ ▄███░▄░░░▄█████▄░░░▄░███▄ ███░▄▀░░░███████░░░▀▄░███ ███░█░░░▀▀▀▀▀░░░▀░░░█░███ ███░▀▄░▄▀░▄██▄▄░▀▄░▄▀░███ ▀███░▀░▀▄██▀░▀██▄▀░▀░███▀ ▀███░▀▄░░░░░░░░░▄▀░███▀ ▀███▄░▀░▄▄▄▄▄░▀░▄███▀ ▀████▄▄▄▄▄▄▄████▀ █████████████████████████ | | ▄▄███████▄▄ ▄███████████████▄ ▄█▀▀▀▄█████████▄▀▀▀█▄ ▄██████▀▄█▄▄▄█▄▀██████▄ ▄████████▄█████▄████████▄ ████████▄███████▄████████ ███████▄█████████▄███████ ███▄▄▀▀█▀▀█████▀▀█▀▀▄▄███ ▀█████████▀▀██▀█████████▀ ▀█████████████████████▀ ▀███████████████████▀ ▀████▄▄███▄▄████▀ ████████████████████████ | | 3000+ UNIQUE GAMES | | | 12+ CURRENCIES ACCEPTED | | | VIP REWARD PROGRAM | | ◥ | Play Now |
|
|
|
btc_angela
|
|
October 26, 2020, 08:24:21 AM |
|
Lets not come to any conclusion so quickly but this quote from the article sounds very suspicious. The attack comes after DeFi analyst Chris Blec claimed Harvest Finance’s administrators held an “admin key that can drain funds” locked in the protocol’s contracts. Only people who carry the load of this would be investors. so sad.
Regardless though, the money has been drained, and as far as I know Chris Blec is investigating it and usually he is spot on with his conclusion. This is huge amount to be lost in this Defi hype, another blow to it's reputation and it people should be careful as we have been sweep under with this hype and resulting to millions of dollars being lost to this scammers.
|
|
|
|
Nalbo
|
|
October 26, 2020, 08:34:16 AM |
|
Whatever be the cause, it's the team which should take the responsibility. Wherever the exploit came from, every lines on defi smart contract should be properly analyzed and verified by the developers. After that, it also goes through audit by and external auditor. The exploit seems to miss both of them or both of them were involved in this plot. It's the disaster caused by the Defi hype as inexperienced developers saw money on Defi and jumped into it.
|
|
|
|
Bttzed03
Legendary
Offline
Activity: 2114
Merit: 1149
https://bitcoincleanup.com/
|
|
October 26, 2020, 08:50:31 AM |
|
Looks like attackers's BTC addresses have been identified: 1Paykw4s2WX4SaVjDrQkwSiJr16AiANhiM 1Paykw4s2WX4SaVjDrQkwSiJr16AiANhiM 1HLG86DDEzAxAGmEzxr1SUfPCWcnWA6bMm 14stnrgMFNR4LesqQRUdo5n1VUx9xdAMeg 18w2Bm2cCsbLjWQU9BcnjzK8ErmzozrVa3 1FS2t2eAjmjaNmADN6SMHYo7G4XGpX1osS 1NdAJ89k1qpRMpZLwuYGQ7VnM45xD2NJXa 1CLHhshrusvT4XADWA29R2H4ndsSUamEWn 1FS2t2eAjmjaNmADN6SMHYo7G4XGpX1osS 1CLHhshrusvT4XADWA29R2H4ndsSUamEWn sourceThe team also notified different exchanges to block those addresses but good luck to them if they use bitcoin mixers/coinjoins to move the funds. Another interesting development to the case is the team claiming they've somehow identified who the attacker is but refused to name him/her because of the reputation s/he has in the crypto community. In addition to the BTC addresses which hold the funds, there is now a significant amount of personally identifiable information on the attacker, who is well-known in the crypto community.
We are putting out a 100k bounty for the first person or team to reach out to the attacker ^ Maybe talk to the guy who said something about admin key and get your $100K bounty
Regardless of who the attacker is or what motive s/he has, it doesn't changed the fact that DeFi projects are open for exploits. This is another proof that these projects aren't really decentralized and trustless. Best of luck to all investors/speculators. Another money down the drain.
|
|
|
|
Akiko
|
|
October 26, 2020, 09:29:29 AM |
|
An exploit in DeFi protocol Harvest Finance has caused over $25 million in funds to be stolen. Most of these funds have been traded for renBTC and mixed through Tornado Cash. The protocols native token FARM has fallen 65% in value. It's possible that this could be an exit scam since Harvest Finance's anonymous devs supposedly have an admin key that can drain the protocol's contract. https://www.coindesk.com/defi-platform-harvest-finance-exploitYes possible since as you said they are anonymous developer and they have nothing to lose in case they run peoples money. they did it to facilitate the sale and their investors could not even suspecting them . easy exit scam idea for a new project with anonymous teams Maybe they did it so that there would not much investigation and just blame it all to hackers.
|
|
|
|
TGD
|
|
October 26, 2020, 09:37:45 AM |
|
Looks like attackers's BTC addresses have been identified: 1Paykw4s2WX4SaVjDrQkwSiJr16AiANhiM 1Paykw4s2WX4SaVjDrQkwSiJr16AiANhiM 1HLG86DDEzAxAGmEzxr1SUfPCWcnWA6bMm 14stnrgMFNR4LesqQRUdo5n1VUx9xdAMeg 18w2Bm2cCsbLjWQU9BcnjzK8ErmzozrVa3 1FS2t2eAjmjaNmADN6SMHYo7G4XGpX1osS 1NdAJ89k1qpRMpZLwuYGQ7VnM45xD2NJXa 1CLHhshrusvT4XADWA29R2H4ndsSUamEWn 1FS2t2eAjmjaNmADN6SMHYo7G4XGpX1osS 1CLHhshrusvT4XADWA29R2H4ndsSUamEWn sourceThe team also notified different exchanges to block those addresses but good luck to them if they use bitcoin mixers/coinjoins to move the funds. Another interesting development to the case is the team claiming they've somehow identified who the attacker is but refused to name him/her because of the reputation s/he has in the crypto community. In addition to the BTC addresses which hold the funds, there is now a significant amount of personally identifiable information on the attacker, who is well-known in the crypto community.
We are putting out a 100k bounty for the first person or team to reach out to the attacker ^ Maybe talk to the guy who said something about admin key and get your $100K bounty
Regardless of who the attacker is or what motive s/he has, it doesn't changed the fact that DeFi projects are open for exploits. This is another proof that these projects aren't really decentralized and trustless. Best of luck to all investors/speculators. Another money down the drain. DeFi starting to get messy. Anonymous devs team are starting to backfire and idiot investors that keep swarming on hype defi coin never learned there lesson. It's not easy to exploit there code and this garbage bounty hunting for the scammer is just a show to redirect crowd attention. This DeFi system will never gonna work for anonymous devs because they will keep destroying there own project once they secure enough funds on there wallet. People never learned on this kind of scheme especially during Sushi swap creator runaway the project funds.
|
Don't mind me | Just checking out here for Duelbits Promotion | Bitcoin 1M | Duelbits no 1
|
|
|
Jating
|
|
October 26, 2020, 09:42:41 AM |
|
Pretty much the intention is very simply, stole money from unsuspecting victims and ran off and used conjoin mixers to hide their track. So simply don't touch the money and wait for the imminent bull run next year, win-win situation for the criminals.
As far as DeFi goes, the picture has slowly crumble, and just like what majority of you said prior to this hype, it is comparable to 2017 wherein scammers and hackers are everywhere. The main difference is that criminals now are having an easy time breaching or exploiting these codes and then slowly draining them. How much can investors take? Your guess is as good as mine. Perhaps billions will be lost in the future before we really learn our lessons.
|
|
|
|
zasad@
Legendary
Offline
Activity: 1890
Merit: 4567
|
|
October 26, 2020, 10:13:15 AM |
|
If you are actively following the topic of hacks, then read this topic. https://bitcointalk.org/index.php?topic=5267124.0A little money was stolen for the project and it is good that the amount of damage will not increase. But this is a very small amount when compared to theft from centralized exchanges.
|
| | Peach BTC bitcoin | │ | Buy and Sell Bitcoin P2P | │ | . .
▄▄███████▄▄ ▄██████████████▄ ▄███████████████████▄ ▄█████████████████████▄ ▄███████████████████████▄ █████████████████████████ █████████████████████████ █████████████████████████ ▀███████████████████████▀ ▀█████████████████████▀ ▀███████████████████▀ ▀███████████████▀ ▀▀███████▀▀
▀▀▀▀███████▀▀▀▀ | | EUROPE | AFRICA LATIN AMERICA | | | ▄▀▀▀ █ █ █ █ █ █ █ █ █ █ █ ▀▄▄▄ |
███████▄█ ███████▀ ██▄▄▄▄▄░▄▄▄▄▄ █████████████▀ ▐███████████▌ ▐███████████▌ █████████████▄ ██████████████ ███▀███▀▀███▀ | . Download on the App Store | ▀▀▀▄ █ █ █ █ █ █ █ █ █ █ █ ▄▄▄▀ | ▄▀▀▀ █ █ █ █ █ █ █ █ █ █ █ ▀▄▄▄ |
▄██▄ ██████▄ █████████▄ ████████████▄ ███████████████ ████████████▀ █████████▀ ██████▀ ▀██▀ | . GET IT ON Google Play | ▀▀▀▄ █ █ █ █ █ █ █ █ █ █ █ ▄▄▄▀ |
|
|
|
Freebieindia
|
|
October 26, 2020, 11:05:35 AM |
|
If I am not mistaken KAVA protocol too had a side-project called HARVEST, right? is it the same project or a different one? These anonymous devs and their unaudited contracts are getting worst each day.
KAVA project is different and this is different. Kava Harvest protocol ticker is HARD and this is FARM. I was also confused at first.
|
|
|
|
Novatech8
Member
Offline
Activity: 700
Merit: 27
Sovryn - Brings DeFi to Bitcoin
|
|
October 26, 2020, 12:14:29 PM |
|
Any DeFi projects can get hacked either through the platform or through exchanges, been DeFi doesn't mean the project is hack proof, few DeFi projects got hacked through kucoin exchange weeks ago and I'm surprised that few of these DeFi projects changed their smart contract because of the hack, revealing that they aren't 100% decentralized.
|
|
|
|
masterrex
|
|
October 26, 2020, 12:27:32 PM |
|
Another Defi mess, why people (investors) dont consider it in the first place before doing such thing as investing, I think they simply trust their money in the unknown developer's Defi project, Because IMO, hiding in anonymity in the name of Decentralization is already a "red flag" unless there is some legitimate and known representative to act on behalf of the anonymous team, The other problem is the unaudited smart-contract function it was also important because how do we know if there is something hidden key in the smart-contract to drain the funds intentionally in the future.
|
|
|
|
Kupid002
|
|
October 26, 2020, 01:13:08 PM |
|
If you are actively following the topic of hacks, then read this topic. https://bitcointalk.org/index.php?topic=5267124.0A little money was stolen for the project and it is good that the amount of damage will not increase. But this is a very small amount when compared to theft from centralized exchanges. Thats simply means there are still bug in that platform and we can't fully trust are money there. they needto improve their security if they don't want that glitch will happen again in thier exchange. Even they stoled only small amount for that we cant still be comfortable and hackers will always find holes. that can be used later and can have a big impact on this exchange.
|
|
|
|
thesmallgod
|
|
October 26, 2020, 02:23:48 PM |
|
Lets not come to any conclusion so quickly but this quote from the article sounds very suspicious. The attack comes after DeFi analyst Chris Blec claimed Harvest Finance’s administrators held an “admin key that can drain funds” locked in the protocol’s contracts. Only people who carry the load of this would be investors. so sad.
If truly the admin have back-end access to peoples account then it must an inside job. However, this will be a serious issue since the team are anonymous. How to know exactly who the team are will need to be uncovered before going further to press any charges. Investors should be conscious of dealing with faceless people especially when investing huge amount into a project
|
|
|
|
bitbollo
Legendary
Offline
Activity: 3388
Merit: 3734
https://bit.ly/bitbollo
|
|
October 26, 2020, 02:30:41 PM |
|
If you are actively following the topic of hacks, then read this topic. https://bitcointalk.org/index.php?topic=5267124.0A little money was stolen for the project and it is good that the amount of damage will not increase. But this is a very small amount when compared to theft from centralized exchanges. Theft from centralized exchanges are something comparable to a disaster ! Just take a look on Mtgox or QuadrigaCX two of major collapse (and many many other like cryptopia o mintpal) . However what I find very curious with DeFi scam it's the chance that people have to take a look inside these codes/smart contract/ holder list. It's not a "back end access" matter... Since no one has a real knowledge of coding (and mostly are just searching "the new bitcoin") these scam can just become more frequently.
|
| | . .Duelbits. | │ | ..........UNLEASH.......... THE ULTIMATE GAMING EXPERIENCE | │ | DUELBITS FANTASY SPORTS | ████▄▄▄█████▄▄▄ ░▄████████████████▄ ▐██████████████████▄ ████████████████████ ████████████████████▌ █████████████████████ ████████████████▀▀▀ ███████████████▌ ███████████████▌ ████████████████ ████████████████ ████████████████ ████▀▀███████▀▀ | . ▬▬ VS ▬▬ | ████▄▄▄█████▄▄▄ ░▄████████████████▄ ▐██████████████████▄ ████████████████████ ████████████████████▌ █████████████████████ ███████████████████ ███████████████▌ ███████████████▌ ████████████████ ████████████████ ████████████████ ████▀▀███████▀▀ | /// PLAY FOR FREE /// WIN FOR REAL | │ | ..PLAY NOW.. | |
|
|
|
|