Unmasking the $9M Exploit Mastermind
Following the attack on its v3 platform on November 17, 2023, which resulted in a loss of $9 million from its insurance fund, dYdX has successfully identified the perpetrator of the attack. Accordingly, the decentralized exchange is rapidly taking action, including preparation for legal action against the individual guilty of the incident.
In its detailed study of the targeted attack, the platform assures users that it will protect the system from comparable future breaches. By implementing sophisticated procedures for monitoring open interest and triggering prompt alerts, the firm has greatly strengthened its v3 trading platform against coordinated attacks.
Furthermore, dYdX has deployed the improved v4 chain, which has been painstakingly constructed to counteract threats of this sort, as part of its defense strategy. An automatic adjustment mechanism for the initial margin fraction is one of the innovative features that the most recent edition offers.
The Attacker’s Strategy
Following a thorough investigation, dYdX discovered the complex method of operation that the perpetrator employed. Using the YFI/USD trading pair across more than one hundred wallets, the attacker established a large number of long positions at five times leverage.
Using a network of different addresses, the malicious actor began purchasing spot Yearn.finance (YFI) tokens, which resulted in a 215% increase in the token’s market value. YFI is the native token of the Yearn.finance decentralized finance ecosystem.
The crypto platform disclosed that the perpetrator of the attack increased their unrealized gains by utilizing more YFI/USD positions until it reached almost $50 million. Following the hack, the platform immediately tightened its defense mechanisms by increasing the initial margin requirements.
This move was part of the platform’s effort to improve its security and prevent a recurrence. At the same time, the firm’s security team reduced the base and incremental position sizes that were active within the YFI/USD market.
According to an official statement, this strategic move limits the attacker’s maneuvers.
Forestalling Further Breaches
A day after the attack, the price of YFI declined significantly, by roughly 30%. Unable to move out of their positions, the attackers found that they were also unable to close any of them.
As the value of the assailant’s holdings plummeted significantly, the insurance fund of dYdX instantly covered the losses sustained. It is worth noting that dYdX reported that before the YFI event, the attacker had utilized a similar approach involving the SUSHI/USD pair and made away with profits totaling around $5 million.
The good news is that the v3 insurance fund remained immune to further exploitation due to preemptive actions, especially the increase of the initial margin requirement to 100%. This action prevented the attacker from achieving their goals.
Notably, the platform explained that these moves prevent the attacker’s manipulation of the YFI market from yielding any gain. A side benefit of these actions is that they reassure the platform’s users that the hack didn’t compromise the platform’s operations in any way.