Another attack against decentralized finance (DeFi) has just ended, this time perpetrated against the PegNet stablecoin: a group of criminals carried out a 51% attack and succeeded, at least in part, as communicated on Twitter by a member of the project team.
Another milestone in the history of PegNet, being able to repel its first 51% attack. A miner generated a bunch of pAssets. But thanks to the PegNet's safety mechanisms that prevent fast pAsset to PEG conversions they couldn't dump the assets & instead decided to burn them. pic.twitter.com/TwGeMrdkvP
— David A. Johnston (@DJohnstonEC) April 21, 2020
To illustrate the attack, a developer explained how it was possible to exploit the power of the network.
Hackers basically managed to get over 51% of the protocol’s hashpower to alter 1265.79 pJPY (about $11) into 6.7 million pUSD, which were later transferred and converted into other stablecoins.
Was the 51% attack successful?
The criminals managed to generate millions of tokens from nothing, but it is also true that the protocol resisted, not allowing to liquidate these generated tokens, which then forced the criminals to burn them, sending them to an irrecoverable address.
As PegNet itself reiterated, pointing out that its stablecoin is decentralized, in this case the attack did not result in the loss of anyone’s funds.
It is truly frightening how in the space of a week there have been a series of attacks against the decentralized financial sector involving several entities, including dForce.
Luckily in many cases the funds were returned and thus maybe these events can lead criminals to understand that it’s very difficult to hack a platform and later liquidate the stolen tokens.
In the case of dForce, the hackers had to return the stolen funds because they were marked and de facto impossible to spend.
In addition, this series of events emphasizes the security of the industry, considered by many to be too immature. DeFi must improve platforms and pay even more attention to the way users’ funds are managed.