$27 000 000 USD
DESCRIPTION OF EVENTS
"This DeFi platform is described as a smart contract program for business." "PAID Network is an ecosystem DAPP that leverages blockchain technology to deliver DeFi powered SMART Agreements to make business exponentially more efficient. We allow users to create their own policy, to ensure they Get PAID."
"The Paid Network – a decentralized finance (DeFi) app that loosely describes itself as a smart contract program for businesses – has been exploited through the contract’s token minting feature." "On Friday, March 5, at 6:07:13PM UTC, an attacker exploited the PAID Network deployer contract to steal over 59 million PAID tokens and was able to sell 2,501,203 PAID tokens for 2,040.4339 ETH on Uniswap, before the PAID team stopped further selling by pulling liquidity from Uniswap. A post-mortem on the attack can be found here for review." "Some 60 million PAID tokens, worth about $37 million at press time, have been wrongly created." "This means that the hacker extracted over $168m from the platform, which would be the largest DeFi hack to date. However, the PAID token quickly devalued the same day. After a harsh 90% fall, the price now is around $0.3 per token."
"The responsible party (who is not part of the PAID core team, and whose identity will not be disclosed at this time) shared a PAID private key in a non-PAID repo owned by a 3rd party, who subsequently made this repo public. At this time, we have no reason to believe that any of these parties acted maliciously." "The PAID Network core team had no control over this repo, and was unaware that the private key in question had any ownership of existing PAID token smart contracts. It was thought that all admin rights of this private key were automatically revoked when transferred."
"Contract functionality worked as designed. The attacker exploited an old compromised private key to access the smart contract, not a vulnerability in the smart contract itself." "Upgradeable contracts let you improve a smart contract over time, without requiring users to switch to a new contract with every update. They are owned by an address, which has the power to change the smart contract. Whoever owns the private key to an address, effectively owns that address. When the private key in question was compromised, the attacker gained access to the upgradeable contract, and used that functionality to create new minting functions in the PAID v1 token contract. Because the PAID total token supply is hard coded, the attacker could only mint a total of 59,471,745.571 PAID tokens, which is why the attacker first had to burn 59,471,745.571 PAID tokens. They then executed the mint, sent the tokens to an address they controlled, and proceeded to sell the minted PAID tokens on Uniswap."
"Subsequently, the attacker exchanged their newly minted tokens through Uniswap in return for about 2,000 ETH." "2,501,203 $PAID tokens on Uniswap were sold for a total of 2,040.4339 ETH before the attack was discovered at 20:17 UTC+2. Upon discovery the PAID team pulled liquidity from Uniswap, minimizing damage." "Some analysts have been following the trace of the funds, and it seems like the hacker didn’t earn that much with it. They swapped around $3m to Wrapped Ether (WETH), but the rest is still in PAID tokens. The total stolen figure’s been calculated around $37m."
"We will fix the problem by launching PAID v2 contracts and minting PAID v2 tokens, effectively invalidating the attacker’s mint. PAID v1 tokens will be phased out of use when PAID v2 tokens are airdropped." "All PAID v1 token holders will receive a corresponding amount in PAID v2 tokens. We have forked the original audited PAID contract, received additional 3rd party code review, and will launch a PAID V2 token within the next 24–48 hours." "[T]here will be no “penalty” for anyone who sold in a panic following the attack. Their balances will be restored as reflected in the snapshot."
"First, we are engaging industry experts on key management best practices. Second, we will move control of the PAID smart contracts to a multisignature wallet, so that PAID Network will never again be compromised by loss of a single private key. Third, we have already engaged with industry experts to enhance our security and establish a culture of vigilance, beginning with comprehensive security and process audits."
The team at Paid Network launched a smart contract which enabled future upgrades based on a private key they held. The key was breached because it was accidentally made public by a third party that Paid Network worked with. This private key was then used by an attacker to upgrade the contract such that they could withdraw all of the funds.
HOW COULD THIS HAVE BEEN PREVENTED?
Of particular concern should be any backdoors into smart contracts which exist. In the wrong hands, these can enable a malicious modification of the contract.
Like anything else, the use of multi-signature setups and proper offline storage of keys are of paramount importance. It seems like the approach being taken by Paid Network in this regard is a step in the right direction.
Rekt - Leaderboard (May 12)
Rekt - Paid Network - REKT (May 15)
DeFi Attackers Go Big - Over $68m Were Hacked To Meerkat and Paid (May 16)
Paid Network Exploit Mints Attacker 60M Tokens: Report - CoinDesk (May 16)
$200 million stolen in 5 days via DeFi - CoinGeek (May 16)
Paid V2 Token FAQ (May 16)
Paid Network Attack Post Mortem (May 16)
DeFi attackers go big: over $68m were hacked to Meerkat and Paid (May 16)
Paid Network Homepage (May 16)
Crypto && Coffee 067-068 | Keep Crypto Moving with Traveler - CipherTrace (May 24)
blocksec-incidents/2021.md at main · openblocksec/blocksec-incidents · GitHub (Aug 10)
Slow Mist Analysis Of Paid Networks Hacked Event (Aug 10)