Best crypto insights delivered straight to your inbox.
Decentralized exchange dYdX exposes details of $9 million attack on its v3 platform
- The attacker was identified, and legal action is pending.
- No customer funds were affected by the $9M attack.
- Enhanced security measures and preventive upgrades.
Decentralized exchange dYdX has released a post-mortem report regarding a “targeted attack” on its v3 platform in November, resulting in a $9 million loss in its insurance fund, equivalent to approximately 40% of the total fund. The exchange’s investigation has identified the attacker’s identity, and legal actions are being considered against the perpetrator.
dYdX attacker’s strategy and impact
The attacker executed a significant number of 5x leveraged long positions in YFI-USD (Yearn Finance’s native token) across over 100 wallets. By acquiring spot YFI tokens using various addresses, the attacker triggered a 215% surge in the token’s price.
Subsequently, the attacker reinvested their unrealized profits into additional YFI-USD positions, eventually reaching approximately $50 million.
To counteract the attacker’s actions, dYdX adjusted the YFI-USD market’s initial margin requirement while reducing the base and incremental position sizes. However, the attacker persisted, and on November 17, YFI’s price experienced a sudden drop of nearly 30% within an hour.
Despite the plummeting value of their holdings, the attacker failed to close their positions. The exchange’s insurance fund automatically compensated for the losses incurred by the attacker.
In a similar strategy employed a week before the YFI incident, the attacker targeted SUSHI-USD, extracting approximately $5 million in profits.
However, dYdX preemptively increased the initial margin requirement for SUSHI-USD to 100%, thwarting further attempts by the attacker.
Customer funds remain unaffected
dYdX has clarified that no customer funds were impacted by these attacks. Furthermore, it suggested that the attacker did not successfully profit from manipulating the YFI market.
In response to these orchestrated attacks, dYdX has implemented various security enhancements. The exchange has updated its v3 trading platform to include improved open-interest monitoring and alerting mechanisms.
Additionally, the upgraded v4 chain, designed to mitigate risks similar to the November incident, incorporates a new software feature that automatically adjusts the initial margin fraction in response to abnormal price movements.
Future outlook
While dYdX continues to communicate with the attacker and explore potential legal actions, it remains committed to bolstering its security measures to safeguard its users and assets.
The exchange’s proactive approach in enhancing its platform’s security and risk management capabilities is aimed at preventing future exploits.
The smartest crypto minds already read our newsletter. Want in? Join them.
Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.
Edward Hopelane
Edward Hopelane is a certified content specialist and a business developer. He enjoys writing about emerging technologies such as Blockchain, Crypto/NFTs, Web3, Metaverse, Artificial Intelligence, UI/UX, and whatnot. With vast experience in blockchain, he has turned complex web 3 topics to simple blog posts.
CRASH COURSE
- Which cryptocurrencies can make you money
- How to boost your security with a wallet (and which ones are actually worth using)
- Little-known investment strategies that the pros use
- How to get started investing in crypto (which exchanges to use, the best crypto to buy etc)