The exchange has been taken offline due to the discovery of the bug and the team has implemented an “emergency fix” and updated the decentralized exchange.
Minutes before 12 a.m. UTC on June 6, the CEO and co-founder of the Elrond Network, Beniamin Mincu, tweeted that he and his team were “investigating a set of suspicious activities” on the Maiar decentralized crypto exchange (DEX).
Soon after the exchange was taken offline with Mincu reporting the issue was identified and an “emergency fix” was being implemented.
In a Twitter thread posted almost 24 hours later around 11 p.m. UTC on June 6, Mincu said a potentially critical bug was identified which opened “an exploit area that we simply had to address and mitigate immediately.”
The suspicious activities have been possibly identified and explained in a Twitter thread by pseudonymous on-chain analyst “Foudres” who revealed the potential attacker deployed a smart contract that somehow allowed them to withdraw over 1.65 million Elrond (EGLD).
Three wallets were able to mysteriously withdraw 800,000, 400,000 and 450,000 EGLD respectively which at current prices would in total be worth nearly $113 million.
The attackers were able to sell around 800,000 EGLD worth around $54 million which caused the price of EGLD on the Maiar DEX to plummet from $76 down to around $5. The rest of the crypto is either still held in various wallets, has been bridged to USD Coin (USDC) and Ether (ETH), or was sold on centralized exchanges.
The price of EGLD dropped 9.5% from around $74 down to a 24-hour low of $65.50, but has since slightly recovered now trading near $68.
Mincu stated in his update that an upgrade was implemented to fix the bug and that a technical explanation would be provided after clarification that the implemented solutions are tested and working.
He claimed that all funds are safe and will be available when the DEX restarts, which is scheduled for tomorrow evening, saying most exploited funds have been either recovered in full or will be covered by the Elrond Foundation.
As previously reported by Cointelegraph, approximately $1.6 billion in cryptocurrencies have been stolen from DeFi platforms in the first quarter of 2022 and over 90% of all stolen crypto is from hacked decentralized finance (DeFi) protocols such as DEXs.
The Maiar Exchange, a decentralized exchange (DEX) native to the Elrond blockchain has been taken offline temporarily after an attacker utilized an exploit making off with roughly $113 million worth of EGLD.