Nexo

Start Earning Up to 16% Interest Automatically

Learn More
Home » Analysis » Hacker Performs $3 Million Attack On Paid Network

Hacker Performs $3 Million Attack On Paid Network

by

The DeFi platform has been exploited via a bug that allowed an attacker to mint tokens.

Hacker Performs $3 Million Attack On Paid Network
Shutterstock photo by PabloLagarto

Share this article

The DeFi protocol Paid Network has been exploited via a vulnerability that allowed an attacker to create millions of new tokens.

Millions Dumped By Hacker

On Mar. 5, an unknown hacker exploited Paid Network’s smart contract and created over 59.4 million PAID tokens worth $166 million at the attack time.

“The attacker used a compromised private key to the original contract deployer to leverage the smart contract’s upgrade function. The attacker then proceeded to ‘upgrade’ to a new smart contract that had the ability to burn and re-mint tokens,” the team said.

Soon, the hacker moved on to selling the illicitly-created 2,501,203 $PAID tokens on Uniswap for 2,040.4339 ETH (about $3 million at the time).

The flood of new tokens into the market, as well as intense selling from the hacker, instantly crashed the PAID token price from $2.80 to $0.30 (at the time of publishing).

Updates On the Way

Even though the team has denied an inside job, critics in the community have speculated the attack could be a “rug pull.”

Paid Network has announced that it is pulling liquidity from the vulnerable smart contract to prevent further damage. The team is also planning to create a new contract to restore token balances.

Update: On Mar 7, the Paid Network team published a detailed post-mortem report.

Share this article

The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.

Crypto Briefing may augment articles with AI-generated content created by Crypto Briefing’s own proprietary AI platform. We use AI as a tool to deliver fast, valuable and actionable information without losing the insight - and oversight - of experienced crypto natives. All AI augmented content is carefully reviewed, including for factural accuracy, by our editors and writers, and always draws from multiple primary and secondary sources when available to create our stories and articles.

You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.

See full terms and conditions.