BZx hack: the attacker returns the 8 million dollars

Return to Caesar what is Caesar – The bZx protocol is part of the family of decentralized finance protocols. It was the victim of a bug exploitation resulting in the loss of the 8 million dollars in crypto assets. Fortunately, the attacker retraced his steps and returned the full amount.

8 million thanks to a duplication bug

On the night of September 13 to 14, Marc Thalen , engineer of, contacted the bZx teams to notify them of a bug in their code .

Thus, a poor design of a smart contract allowed a user to send funds to one another from the same address, causing them to be duplicated . In total, $ 20 million was vulnerable.

On September 14 , although the alert was raised, the teams took too long to react and an attacker managed to steal the equivalent of $ 8 million in LINK, ETH, USDT, USDC and DAI . A sum which represents 30% of the assets under management by the bZx protocol .

All’s well That ends well

Finally, on September 14, bZx announced to its community that all of the funds had been returned by the attacker to the development team’s wallet .

According to the spokesperson for the project, Paris Fotis, the attacker could be tracked thanks to his on-chain activity by analyzing the movement of funds. Once unmasked, the attacker had no choice but to return all of the funds.

Once the funds returned and the flaw corrected, the teams were able to redistribute the stolen funds to their respective pools.

$ 45,000 for the discovery of the fault

For Marc Thalen, the story also ends well with the payment of $ 45,000 bug bounty to reward him for having discovered the flaw.

As a reminder, bug bounties are programs set up by different companies to reward users who discover bugs in their infrastructure.

However, it was not a given. In fact, the bZx teams initially proposed a reward of $ 12,500 , deemed too low by Thalen with regard to the bug bounty charter published by the protocol.

With this attack, bZx’s reputation takes a hit. Indeed, the protocol has already suffered from 2 attacks in recent months, despite repeated audits. A new audit was carried out by Peckshield to ensure that the fix as well as the rest of the code are no longer vulnerable.
Did you like this article?

About the author