On March 5th, the decentralized finance ( DeFi) platform, PAID network, became yet the latest victim in another case of a crypto-related cyber-security breach.
While the actual identity of the hacker is yet to be revealed, details have emerged alleging that the DeFi project got attacked due to a vulnerability in the smart contract, which allowed a hacker to plant a token minting bug in the network.
A total of 54.9m PAID tokens (valued at $166m at the time of the event) were eventually created. Later, it was discovered that 2.5m (valued at $3m or 2k Etheruem precisely) have already been traded via Uniswap exchange, with 56m (worth almost $24m) extra PAID tokens left in what appeared to be the hacker’s wallet.
PAID Token Price Drops
The immediate sell-off of the minted tokens caused significant inflation in the total number of available tokens in supply, leading to a steep decrease in its price, from a previous day high of $2.80 to a meager $0.40.
As a first-level measure, the team revealed its decision to shut down the existing exploited smart contract. Afterward, a new smart contract will be launched, with plans to offset major damages users might have suffered in the security leak.
PAID Network Community Reacts
Seemingly frustrated by the repeated occurrence of such attacks, Twitter followers of the project have come out to allege that a core member of the team (probably a founder) must have masterminded the theft.
To further strengthen that accusation, they point to the fact that only the specialized addresses of a smart contract network are conferred with the privilege to pull function calls, which could lead to the creation of fresh tokens.
However, in its response, the team insisted the attack was not orchestrated by an “in-house” party. Rather, a follow-up tweet was dropped to assure users that a comprehensive report on the incident will be released soon.