Lending protocol bZx appeared another bug that the losses high as over $ 8M in user deposit

The development path of the DeFi bZx lending protocol doesn’t seem to be very favorable this year. Seven months after being hit by two significant hacks that cost the protocol more than $ 954,000, bZx made a stir when another bug emerged. This time, the network error caused the loss of more than $ 8 million or 30% of the total value of the bZX token to be locked.

bZx hacked again as duplication bug costs protocol $ 8 million in user deposits

In fact, the sharp drop in TVL was the first thing that caught the attention of bZx developers:

“We confirm that a duplicate issue has occurred with some iTokens.”

While the network activity was quickly suspended and the iToken contract code was patched, hackers can still exploit this bug to get the money mentioned above. bZx soon updated its network patches, claiming the duplicate bug was fixed as quickly as it was checked by Peckshield and Certik – two very well-known security companies.

Interestingly, according to Marc Thelan, Chief Engineer at Bitcoin.com, the bZx team may have been slow to address the issue at hand.

Thelan stated:

“Last night, I found an exploit in BRZX. I noticed a user capable of copying” iTokens “. Had more than $ 20 million in damage. I informed the team, asking them to stop the protocol and clarify these errors. At this point, none of the founders have spoken … ”

This incident once again raises the question of how to certain user assets are over DeFi protocols. However, despite that, many people quickly stood up for bZx.

Aave Protocol Founder Stani Kulechov said:

“@bZxHQ incident recently showed that it’s easier forked than done. They had multiple audits, formal verification and took substantial time before coming back to main-net, and yet all the diligence does not guarantee safety. Something that every DeFi user should understand.”

Read more:

Follow us on Telegram

Follow us on Twitter

Follow us on Facebook

You might also like