bZx Hack II Full Disclosure (With Detailed Profit Analysis)

bZx Hack II: Five Exploitation Steps With Oracle Manipulation

Five Exploitation Steps For Profit

The exploit occurs at 2020–02–18 03:13:58 +0000 (Ethereum block height #9504627). The culprit transaction can be found on etherscan. As mentioned earlier, this attack process can be separated into the following steps:

Figure 1: Flash Borrowing From bZx
Figure 2: Pumping With Kyber (and Uniswap)
Figure 3: Hoarding From Synthetic
Figure 4: Collateralized Borrowing From bZx
Figure 5: Repay the Flashloan to bZx

About us

PeckShield Inc. is an industry leading blockchain security company with the goal of elevating the security, privacy, and usability of current blockchain ecosystem. For any business or media inquiries (including the need for smart contract auditing), please contact us at telegram, twitter, or email.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store