A hacker acquired the private key for liquidity management through a sophisticated social engineering attack. This key breach allowed the hacker to create new tokens, subsequently liquidate them, and drain financial resources.
Concentric Under Attack: Protocol Misuse on Arbitrum
Through the misuse of the private key, the Concentric application, managing liquidity on the #Arbitrum network, was compromised. The attacker modified the protocol's vaults using this key, created new LP tokens, and then depleted their assets, as reported by the Concentric team.
Security Warning for Concentric Users
Users are urged to revoke all approvals for vault addresses listed in the protocol's documentation as a precautionary measure.
Financial Losses and Possible Link to Another Attack
The security platform #CertiK reported losses exceeding $1.8 million. Moreover, the attacker's wallet is linked to a wallet that previously exploited the decentralized exchange OKX, suggesting a possible connection between the two incidents.
Response and Investigation by the Concentric Team
The Concentric team announced the commencement of a thorough investigation and is preparing a post-mortem report with a plan to address vulnerabilities. They emphasize their commitment to restoring the security and integrity of the Concentric protocol.
Growing Popularity of Liquidity Management Protocols
Popularity Increase Following Uniswap's 2021 Innovation
Liquidity management protocols, which allow setting price ranges and rebalancing funds on decentralized exchanges, gained popularity following the introduction of "concentrated liquidity" by Uniswap. This innovation allows liquidity providers to better control the prices at which their assets can be traded.
Another Case of Attack: Gamma Protocol
Another liquidity manager, Gamma Protocol, faced an attack in early January, where nearly half a million dollars were drained through vulnerabilities in smart contracts. These two attacks appear to be unrelated, as they employed different methods.
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
