KANALCOIN NEWS – An interesting thing recently happened in the global Decentralized Finance (DeFi) industry. After a few days ago it was reported that a hacker managed to break into the security layer of the dForce protocol by attacking Lendf.Me, a cryptocurrency market that adopts an open source system, in fact it didn’t last long enough.
The hacker is reported to have returned $25 million worth of stolen funds in Ethereum, stablecoins, and Bitcoin. The funds are not returned all at once, but gradually.
Many people believe that the hacker has made a fatal blunder. He processes the cryptocurrency assets that he has stolen using only VPN technology or ordinary proxy servers which of course can reveal his identity easily. If only he had more experience, of course he would use a more credible decentralized network so that the security of his personal information can be guaranteed.
What really happened?
Observers believe there are two possibilities that occur in this case. First, the hacker actually didn’t have bad intentions when he took the funds, but just wanted to point out a big weakness in the DeFi system that anyone with malicious intentions could take advantage of at any time..
Second, it is possible that the hacker still does not have sufficient experience in the world of crime. This is proven by him who, whether intentionally or not, left his identity when carrying out these criminal practices so that the public could easily identify the perpetrators..
Of the two possible reasons, it seems the second reason is more plausible. Indeed, in several previous cases there were people who deliberately broke into the security of a system because they wanted to report these security holes to the relevant parties. However, it feels too careless if the perpetrator also leaves traces in the form of an identity that can be easily traced later.
Any possibility that is the reason for the perpetrator in carrying out the burglary does not cover the fact that the DeFi protocol security system still has loopholes that can be exploited by irresponsible people.
According to PeckShield, a blockchain security research institute, the loophole in the security system lies in the loan approval function owned by Lendf.Me. The system’s inability to create a contract for every transaction made through this technology has created a sizeable hole in the security of the system as a whole..
This was stated by the CEO of Compound, Robert Leshner. He even said that any system that dares to offer services in the field of cryptocurrencies, especially in terms of decentralized finance, must have the ability to create their own contracts.