Cronos DeFi Project MM.Finance Suffers $2M Exploit

The biggest decentralized exchange on Cronos has been hacked. MM.Finance, an ecosystem of DeFi applications and the biggest decentralized exchange on the Cronos blockchain, has suffered a $2 million frontend attack. The project reported the incident late Thursday after the attacker breached the app’s frontend and started moving funds to their address. “We have verified and theres a frontend breach. Please do not perform any transactions or your funds will be sent to the exploiter wallet. We will be disabling the frontend ASAP,” MM.Finance tweeted. According to a post-mortem report published by the project earlier today, the attacker leveraged a DNS vulnerability to modify the router contract address in the project’s hosted files and injected a malicious contract address into the project website’s frontend. The malicious contract then diverted the funds to the attacker’s wallet when anyone tried to make a swap, add, or remove liquidity on MM. Finance’s decentralized exchange.

Read more : Decentralized Exchange MM.Finance Suffers $2M Exploit.

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.