- $1.7 million was withdrawn from Bedrock DeFi’s uniBTC pool in a suspicious attack.
- The attacker funneled funds through TornadoCash, now holding 650 ETH in a flagged address.
- The uniBTC/WBTC trading pair saw a drastic -100% price drop, raising concerns of a flash crash.
A concerning breach has occurred in Bedrock DeFi, with $1.7 million in funds drained from the uniBTC pool. According to CyversAlert, the suspicious activity was detected when the attacker routed funds into a suspicious address using TornadoCash, a known privacy tool.
The current balance of the attacker’s address, starting with 0xEE8, holds approximately 650 ETH, valued at around $1.7 million. The impact of this exploit has sent waves of concern throughout the DeFi community.
The nature of the attack involved the injection of funds into the flagged address through TornadoCash, allowing the attacker to obscure the trail of the stolen assets. Significantly, the theft directly impacted the uniBTC/WBTC trading pair on Uniswap.
Dexscreener.com displayed a sharp, sudden drop in the trading pair’s price, plunging from roughly 64,485 to near zero within a very short period. The percentage change noted was a staggering -100%, indicating a complete loss of value in the pool.
Moreover, the magnitude of this price drop is highly unusual, particularly in a Bitcoin-related trading pair, which typically shows more stability. The steep decline in such a short period raises concerns over potential liquidity issues or technical glitches.
Furthermore, the abruptness and severity of the drop have sparked speculation about the causes, though no official confirmation has been made.
Additionally, this incident has raised further concerns about the security of DeFi platforms, especially in cases involving privacy tools like TornadoCash. The attack has resulted in a major loss for Bedrock DeFi users, with the stolen ETH now sitting in the attacker’s wallet.
Current blockchain explorer data reveals the attacker’s address with 650.47 ETH valued at around $1.7 million, which was extracted over three recent transactions.
CyversAlert echoed the urgency of the matter, stating that the uniBTC pool had been drained, and the attacker’s wallet remains under scrutiny. The DeFi space has witnessed several such breaches, but the sheer amount stolen in this incident places it among the more severe cases in recent times.
The DeFi community now awaits further updates on the steps taken to resolve the issue and recover the stolen assets. However, with the attacker employing sophisticated techniques like TornadoCash, tracing the funds and retrieving them poses a significant challenge.
DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
