Axion Attack Was an Inside Job, CertiK Says

Key Takeaways

  • CertiK has commented on yesterday’s attack against Axion (AXN).
  • The auditing firm says that the attack was likely carried out by someone responsible for deploying Axion’s contracts.
  • The hacker stole $27 million of AXN tokens during the attack.

Share this article

CertiK, a blockchain auditing outfit, has commented on yesterday’s Axion hack, revealing that the attacker exploited the project’s third-party dependencies. The auditors added that someone within the project likely carried out the attack.

Insiders Likely Led Axion Attack

According to a HackMD article published by CertiK, the attack was “planned from the inside.”

Actors involved in the Axion project injected malicious code prior to Axion’s deployment by altering its OpenZeppelin dependencies. The injected code allowed the attacker to freely mint 80 billion AXN tokens.

Since the code was injected at the deployment stage, CertiK’s original audit of the code failed to prevent the attack.

Yvan Nasr, CertiK’s head of professional service, told Crypto Briefing that Axion likely “merged the code of the project with the right dependencies together and then manually inserted their malicious code in the OpenZeppelin dependency prior to deployment.”

Alex Papageorgiou, security engineer at CertiK, added that “the deployers were most likely Axion members, as whoever deployed the contracts could also set special owners roles … so they already were considered trusted”.

CertiK has not speculated on the precise identity of the attacker. However, it believes that the attack “could have only been done by those deploying the project.”

$27 Million of AXN Stolen

The exploit against Axion allowed the unknown attacker to mint 80 billion AXN tokens, then sell those tokens on the Uniswap exchange. Prior to the attack, that amount was worth $27 million, though the token’s price has now collapsed to $0.

To prepare for the attack, the hacker circulated 2.1 ETH on Tornado.cash for privacy. The attacker also purchased 700,000 HEX2T tokens as part of a “smokescreen,” CertiK says.

Though the attack was sizable in terms of its dollar value, it is notable primarily because the hacker followed an unusual line of attack. It remains to be seen if hackers can imitate this line attack and carry it out against other blockchain projects.

Share this article

The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.

You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.

See full terms and conditions.

Source: Read Full Article