How $40M in Crypto Hacks Could Have Been Prevented in September with Forta Firewall

Article by Forta Network, Oct. 7, 2024

September was a tough month for the crypto space, with ~$40 million lost to various smart contract exploits. But here’s the most interesting part: 99.99% of these losses could have been avoided with the help of Forta Firewall, a powerful solution designed to stop onchain attacks before they happen.

This post examines some of September’s more significant hacks, analyzes the vulnerabilities, and highlights the potential of Forta Firewall to prevent similar attacks.


#1. Penpie’s $27M Hack


What Happened:
Penpie was the victim of a $27 million hack, caused by a reentrancy vulnerability in its staking contract. The attacker exploited this flaw by using fake tokens to inflate rewards and drain the protocol’s funds.

How the Attack Unfolded:
The attacker repeatedly triggered the staking contract’s reentrancy bug, inflating rewards and siphoning $27 million from the system before anyone could respond.

How Forta Firewall Could Have Helped:
Forta Firewall would have detected the reentrancy vulnerability in Penpie’s contract and flagged it before the attacker could exploit it, fully preventing the $27 million loss.


#2. Onyx Protocol’s $4.2M Hack


What Happened:
Onyx Protocol lost $4.2 million due to an exploit that manipulated its VUSD market. The vulnerability was tied to a known issue in a Compound v2 fork, which left an unchecked input in its NFTLiquidation contract.

How the Attack Unfolded:
The attacker exploited the unchecked input to liquidate assets in an unintended manner, draining $4.2 million from the protocol.

How Forta Firewall Could Have Helped:
Forta Firewall could have identified the vulnerability tied to the Compound v2 fork and prevented the attack, securing Onyx Protocol’s funds before the breach.


#3. Bedrock DeFi’s $1.7M Exploit


What Happened:
Bedrock DeFi suffered a $1.7 million loss due to a flaw in its mint function. The vulnerability allowed the attacker to mint uniBTC at a 1:1 ratio for non-BTC assets, which led to the draining of 650 ETH (~$1.7M) from Bedrock’s liquidity pool.

How the Attack Unfolded:
The attacker manipulated the minting process, taking advantage of the 1:1 ratio loophole, and extracted 650 ETH from the system before anyone noticed.

How Forta Firewall Could Have Helped:
Forta Firewall would have detected this flaw in the mint function and stopped the attack in its tracks, preventing the entire $1.7 million loss.
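The flaw class described in this section, as an added example that is not Bedrock's contract code or Forta's detection logic: a simplified Python model of mint accounting in which the flawed path mints 1:1 for any asset, next to a checked path that accepts only BTC-pegged assets. The asset list, prices and deposit amounts are constructed assumptions.

```python
from decimal import Decimal

# Constructed prices in BTC per unit of asset (assumption, not market data).
PRICE_IN_BTC = {"WBTC": Decimal("1"), "ETH": Decimal("0.04")}
# Assets treated as BTC-pegged in this model (assumption).
BTC_PEGGED = {"WBTC"}


class MintError(Exception):
    """Raised when a deposit must not mint any tokens."""


def mint_flawed(asset, amount):
    # Flaw: the deposited asset is never valued, so every unit mints
    # one BTC-denominated token regardless of what it is worth.
    return Decimal(amount)


def mint_checked(asset, amount):
    # Hardened form: allow-list the collateral and value it in BTC.
    if asset not in BTC_PEGGED:
        raise MintError(f"{asset} is not an accepted BTC-pegged asset")
    amount = Decimal(amount)
    if amount <= 0:
        raise MintError("amount must be positive")
    return amount * PRICE_IN_BTC[asset]


def backing_shortfall(deposits, mint):
    """BTC value of tokens minted minus BTC value of collateral received.

    A result above zero means tokens exist that nothing backs, which is
    the invariant a pre-deployment test or runtime monitor can assert.
    """
    minted = Decimal(0)
    backing = Decimal(0)
    for asset, amount in deposits:
        try:
            out = mint(asset, amount)
        except MintError:
            continue  # rejected deposit: nothing minted, nothing taken
        minted += out
        backing += Decimal(amount) * PRICE_IN_BTC[asset]
    return minted - backing


# Constructed deposits: one pegged asset, one non-BTC asset.
SAMPLE_DEPOSITS = [("WBTC", "2"), ("ETH", "30")]
```

Running `backing_shortfall` over the sample deposits with each mint function shows the unbacked supply the flawed path creates and that the checked path keeps the invariant at zero.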


Why Forta Firewall is the Key to On-Chain Security

In each hack, Forta Firewall could have detected the vulnerabilities that led to massive losses and prevented their exploitation. By actively monitoring for known exploits and flagging risky transactions before they’re executed, Forta Firewall offers a critical layer of protection for on-chain protocols.

With market-leading capabilities powered by AI, Forta Firewall is the only solution that can lead the charge in securing the future of decentralized finance.

Want to learn more about how Forta Firewall works and how it can protect your protocol? Check out the in-depth blog post here and make sure to get in touch to take the first step in truly securing your project!