Furucombo (COMBO), a tool that helps users “collect” transactions and interact with multiple decentralized financial protocols (DeFi) at the same time, has become the latest victim of hackers.
DeFi platform Furucombo was attacked, with $ 15 million in damage
Specifically, around last night, Furucombo became the target of the attack of bad actors, with an estimated total loss of up to $ 15 million in the form of ETH and many other ERC-20 tokens.
Accordingly, the attacker used the “fake smart contract” trick to trick the money transfer protocol. In the Furucombo incident, the hacker created a smart contract impersonating as a new upgrade of Aave v2, asking Furucombo to transfer money and then withdraw all of it to his wallet.
This attack method was also the cause of the $ 20 million hacks of Pickle Finance in late 2020, or the latest, the $ 37 million theft incident of Alpha Finance Lab / Cream Finance in early February.
Immediately after the above information appeared, the Furucombo team confirmed the incident and reassured users:
We are working on the next steps and will update our community as soon as we can
Please remove your token approvals on https://t.co/jcZmbiUQOR towards our contract at the earliest.
Our smart contract:0x17e8Ca1b4798B97602895f63206afCd1Fc90Ca5f
— FURUCOMBO (@furucombo) February 27, 2021
“The Furucombo protocol was hacked, resulting in $ 15 million in damages. The Furucombo platform and the user’s money remain safe. We are planning to move tokens and will notify the community as soon as possible.”
Furucombo’s COMBO token price fell more than 40% in value after the hacked information appeared, dropping from $ 4.7 to $ 2.7. At the time of writing, COMBO is only trading around $ 3.