Attackers exploit IBC hooks vulnerability to steal tokens on the Terra blockchain.
On July 31, according to The Block, the Terra blockchain reported a security vulnerability on its network, leading to the theft of tokens.
An unknown attacker exploited a known vulnerability associated with a third-party module called IBC hooks, which is used for cross-chain contract calls and token transfers.
The attacker leveraged this vulnerability to steal USDC stablecoins and Astroport tokens from the bridged assets. Preliminary estimates indicate that approximately $3 million worth of tokens may have been affected.
After discovering this incident, Terra took emergency measures to prevent further losses and ensure that no additional tokens were stolen while the vulnerability was being fixed. Terra coordinated with its validators to apply an emergency patch to address the suspected vulnerability.
"We will work with Terra's validators to then apply an emergency patch to fix the suspected vulnerability," Terra stated.
