Terra Faces New Challenges After $6.8M Security Breach
BTC
USTC
Terra faces new challenges after a $6.8 million security breach. A hacker exploited an old security patch to create fake tokens, just a week after TerraForm Labs announced a repayment plan.
The community identified the hacker, but the funds are gone. Adding to the issues, Terra Luna’s blockchain was halted on July 31, 2024.
Terra Hit by $6.8M Security Breach
After multiple blockchain intelligence platforms raised alarms, Terra suffered a significant security breach resulting in the loss of over $6 million in digital assets. The breach included the theft of 60 million ASTRO tokens, which are native to Astroport’s liquidity protocol on Terra Luna’s chain.
In addition to Astroport’s tokens, the hacker also drained 3.5 million Circle USD (USDC), 500,000 Tether USD (USDT), and 2.7 Bitcoin (BTC). This substantial loss highlights the severity of the incident.
The $6.8 million breach occurred just a week after TerraForm Labs announced a timeline for a crypto loss claim, aiming to compensate the investors affected by the 2022 Terra Luna collapse. This recent incident adds to the challenges faced by Terra and its community.
Security Flaw Leads to $6.8M Breach on Terra
Astroport revealed that the network’s Inter-Blockchain Communication (IBC) vulnerability was identified in April 2024. However, Terra’s new chain remained unpatched, allowing the hacker to exploit this vulnerability by minting new tokens using an IBC call contract with hooks and a timeout.
Source: X
Blockchain security audit firm Cyvers highlighted that despite the known issue, the upgrade package installed in June 2024 on Terra 2.0 failed to address the vulnerability, leading to the security breach. The hackers conducted small-scale transfers, never exceeding 56 LUNA or 7,800 USDC per transaction, but still managed to steal $6.8 million.
After the theft, the fraudster used a cross-chain bridge to transfer the stolen funds to Ethereum, where they were swapped for Ether (ETH). Although the Terra community has identified the hacker’s crypto address, recovering the stolen funds may be impossible. The hacker utilized a third-party module for cross-chain contracts and token transfers between blockchains.
Also Read: Worldcoin Expands to Austria with World ID Verifications
Community Reactions and Security Issues After Terra Luna Breach
Terra Luna’s holder community has been vocal about the recent security breach, with many expressing regret over the reversal of the IBC-related upgrade during June’s chain update. If the upgrade had not been reversed, the hacking incident might have been avoided, according to Ethan Buchman, co-founder of Cosmos Chains.
Buchman points out that the use of an outdated fork of IBC-go 7.3.x, last updated in September 2023, made it difficult for Terra 2.0 to apply essential security patches. This outdated version allowed the hacker to mint tokens on Terra Luna’s blockchain.
Buchman advocates for a broad ecosystem effort to update and unify projects to avoid such vulnerabilities. The breach has significantly impacted Terra’s native cryptocurrency, with LUNA dropping to $0.369 on August 1, 2024.
The exploit linked to Inter-Blockchain Communication (IBC) affected Terra 2.0 but did not impact the original Terra Luna Classic (LUNC) chain. Genuine Labs, which manages LUNC’s security, had already implemented the necessary patch in May 2024. Addressing these issues and applying timely upgrades could help prevent similar breaches in the future.
Important: Please note that this article is only meant to provide information and should not be taken as legal, tax, investment, financial, or any other type of advice.
Join Cryptos Headlines Community
Follow Cryptos Headlines on Google News
