By Shelly Melancon (Switzerland)
A weakness in a Defi protocol called PAID network has allowed a hacker to create several PAID tokens worth millions of dollars. Yesterday, at about 18:10 GMT, a token minting function allowed a hacker to mint almost 60 million PAID tokens, which at the time of the attack was worth about $167 million. A few hours later, the hacker successfully sold his ill-gotten tokens on Uniswap. He was PAID 2000 eth (worth $3 million) for the 2.5 million PAID tokens he sold to Uniswap. The PAID network describes itself as “an ecosystem Dapp that utilizes blockchain technology to provide Defi-built smart agreements for businesses to become rapidly efficient.”
Once the tokens hit the market, the price of the PAID token dropped significantly. It reduced from almost $3 to less than $0.5 – a nearly 75% drop in price. With this confirmed sale, there are still over 56 million PAID tokens in the hacker’s wallet address; these PAID tokens are estimated to be worth $24 million.
This PAID network hack is similar to the one on the Cover (an insurance protocol) in the last month of the past year and Furucombo – an ethereum-built platform. Cover’s team solution was to take a snapshot of owners before the attack happened, then issue all of them a new token to restore their token supply to original amounts before the attack occurred.
Also read:Speculations About the Source Of The Attack
Users within the PAID network suspect that one of the founders could be responsible for that kind of attack—however, the development team continues to deny any such doing. These critics are basing their allegation on the fact that only specific addresses can perform certain functions. In a move to avoid further damage, the network has pulled liquidity from the weak contract.
Also, the development team intends to return token balances by creating a new smart contract. A recent tweet from PAID network’s official Twitter account reveals that the company will give a thorough analysis of the hack in a short while.
According to Nick Chong of Parafi capital’s tweet, “a few minutes before the mint happened, a PAID deployer contract (which is externally controlled) transferred ownership to the hacker. Thus, it is likely that a member of executive made a grave security lapse which allowed the hack to happen, or he rug pulled.”
Nick Chong Tweet. Source: Twitter
Previous Warning from A Defi-Risk Analyst
Furthermore, @waronrugs, a Defi-risk analyst, warned of this impending attack at the beginning of this year, remarking that contract owners can create and sell PAID tokens at any point in time.
Waronrugs Tweet. Source: Twitter
From all indications, the end has not been heard about this hack. While the PAID network team is yet to make a detailed official response, they continue to update the incident via the bird app. Their recent tweet was a thank you message to the PAID community for their unwavering support for the network during these challenging times.
PAID network latest tweet. Source: Twitter
At Tokenhell, we help over 5,000 crypto companies amplify their content reach—and you can join them! For inquiries, reach out to us at info@tokenhell.com. Please remember, cryptocurrencies are highly volatile assets. Always conduct thorough research before making any investment decisions. Some content on this website, including posts under Crypto Cable, Sponsored Articles, and Press Releases, is provided by guest contributors or paid sponsors. The views expressed in these posts do not necessarily represent the opinions of Tokenhell. We are not responsible for the accuracy, quality, or reliability of any third-party content, advertisements, products, or banners featured on this site. For more details, please review our full terms and conditions / disclaimer.