One of the biggest inherent risks of cryptocurrency is the susceptibility to hacks and scams, which seems to be increasing. Avalanche, a decentralized platform, suffered its second major hack. During the hack, $35 million worth of funds were siphoned out of the decentralized finance (DeFi) lending platform Vee Finance. With another security breach just a few weeks after the first, many people wonder if the Avalanche blockchain is safe?
Early on Sept. 21, Avalanche revealed that the attacker stole 8,804 Ethereum (ETH) and around 214 Bitcoin (BTC) from its trade contract address. In order to prevent more losses, Vee Finance has temporarily disabled its services as it investigates what caused the hack.
Are Vee Finance funds safe?
Coming just shy of a week after its launch, Vee Finance has had a rude awakening. The platform is experiencing major "growing pains" amid the hack. After announcing to its users that the platform "may have been exploited," Vee Finance acted quickly. It temporarily suspended platform contracts as well as the deposit and borrow function. The company also reached out to the hacker on the blockchain.
Despite the actions to mitigate any additional tampering, it isn't clear how safe funds are on the Vee Finance platform. In subsequent updates, Vee Finance has been forthright in commenting and explaining the measures that it will be taking along with the events that are unfolding as a result of the hack. The latest statement said, "...the attacker has not yet transferred or processed the attacked assets any further."
The Vee Finance team has been actively working with smart contract auditors and centralized exchanges in the industry to identify the attacker and assist in recovering the funds. The company has set out a bounty program for the attacker to identify the bug in order to double down on its efforts.
The second "big" exploit on the Avalanche blockchain.
Earlier in September, yield-farming DeFi protocol Zabu Finance was also hacked. The attacker stole roughly $3.2 million about a week after it launched. Unfortunately, the amount stolen brought the native token to Zabu Finance (ZABU) to zero.
However, the core of the hack was a vulnerability in the design of the Spore pool, which allowed the minting of 4.5 billion ZABU that were successfully withdrawn from the platform, which inevitably flattened out its value.
Vulnerabilities in the platform protocol lead to the hack
Despite the fact that this is the second major hack on the Avalanche blockchain, the AVAX token is still on an upwards trend at the time of writing. While many people might assume that these hacks can hurt the reputation of the blockchain, the attacks aren't occurring because of the blockchain itself. Instead, the hacks are due to the mechanisms of the applications and platforms built on it.
While the team at Vee Finance is still investigating this attack, time will tell which vulnerability led to the attack. As blockchain and cryptocurrencies continue to develop and the interests among investors increases, scams and hacks will become more sophisticated. The silver lining is that since these attacks occur on a blockchain, transactions can be tracked easily since the ledger is completely public.