Alex Protocol, a Bitcoin decentralized finance (DeFi) platform on the Stacks blockchain, suffered an exploit on June 6, leading to $8.3 million in digital asset losses.
In an X announcement, Alex Protocol stated the breach was attributable to a vulnerability in its self-listing verification logic. The attacker used the flaw to empty liquidity from a number of asset swimming pools.
The Bitcoin DeFi platform stated the attackers siphoned about 8.4 million Stacks (STX) tokens, 21.85 Stacks Bitcoin (sBTC), 149,850 in USDC (USDC) and USDt (USDT), and a couple of.8 Wrapped Bitcoin (WBTC). The incident is without doubt one of the largest exploits within the Stacks ecosystem to this point.
In response to the incident, Alex Lab Basis, the group supporting the protocol, pledged to completely reimburse affected customers utilizing its treasury reserves.
Cointelegraph reached out to Alex Protocol by its X account however didn’t obtain a response by the point of publication.
Alex Protocol to reimburse affected customers post-exploit
In line with Alex Lab, compensation might be issued in USDC tokens. The protocol will base its reimbursement calculations on the common onchain trade charges between 10:00 am UTC and a couple of:00 pm UTC on the day of the assault.
Alex Lab stated wallets affected by the assault will obtain an onchain notification by June 8, together with a personalised declare type. Customers should submit the finished type with a receiving pockets handle by June 10.
The staff stated it’ll confirm submitted claims and distribute USDC funds inside seven days. Customers who don’t obtain a type had been urged to contact the staff by way of e-mail.
The staff didn’t reveal the technical mechanisms behind the exploit however is anticipated to launch a autopsy report.
Associated: Bybit reveals safety overhaul in response to $1.4B hack
Alex Protocol hit by one other hack in Might 2024
This isn’t the primary safety incident by which Alex Protocol has misplaced thousands and thousands. In Might 2024, the DeFi platform suffered an exploit involving its crosschain bridge infrastructure. The incident led to the unauthorized withdrawal of $4.3 million in crypto from the platform.
The DeFi protocol stated the Might exploit was seemingly linked to the North Korean cybercrime group Lazarus. The staff pointed to 3 wallets used within the assault and stated they labored with blockchain analyst ZachXBT to hint the stolen property.
Journal: China to ban proudly owning Bitcoin? Gate.io to pay $30M over liquidations: Asia Specific