Goodbye Dego Finance.
Dego have claimed this to be a case of compromised keys, leaving us wondering:
Why didn’t they use a multi-sig?
The “lego of the decentralised world” protocol has asked Binance to pause deposits of their native token.
They’ve also asked Uniswap to prevent users from trading $DEGO, suggesting the founders might not understand the DeFi legos that feature in their branding.
Incompetence, or bad intentions?
Another case of “compromised keys” leaves us with little to say.
Obviously the attacker took it all.
Slowmist shows a list of the stolen assets.
Attackers address on ETH: 0x118203b0f2a3ef9e749d871c8fef5e5e55ef5c91
The attacker helped themselves to multiple LP tokens on both BSC and ETH, and then minted 600k DEGO, causing the price of DEGO to fall by 16%.
Despite their poor security decisions, the DEGO price chart shows a steady recovery, perhaps due to their large following on Twitter (~194K) and other medias.
Since the attack, Cocos-BCX have switched ownership to a multi-sig.
We should expect Dego Finance to do the same.
REKT serves as a public platform for anonymous authors, we take no responsibility for the views or content hosted on REKT.
donate (ETH / ERC20): 0x3C5c2F4bCeC51a36494682f91Dbc6cA7c63B514C
REKT is not responsible or liable in any manner for any Content posted on our Website or in connection with our Services, whether posted or caused by ANON Author of our Website, or by REKT. Although we provide rules for Anon Author conduct and postings, we do not control and are not responsible for what Anon Author post, transmit or share on our Website or Services, and are not responsible for any offensive, inappropriate, obscene, unlawful or otherwise objectionable content you may encounter on our Website or Services. REKT is not responsible for the conduct, whether online or offline, of any user of our Website or Services.
you might also like...
Wintermute have lost over $160M to their second incident this summer. Using a vanity address for "gas savings" has cost them dearly. Last time, funds were returned, will Wintermute get lucky again?
The billion that wasn't. Tornado sanctions didn’t deter these Polkadot thieves, who tried to steal ~$1.3B in aUSD from Acala Network.
Curve fell victim to a DNS hijacking yesterday, with approximately $575k lost to malicious contract approvals. For users, DeFi protocols are only as secure as their centrally-hosted front end. How much longer will web3 rely on web2?