Altcoins Talks - Cryptocurrency Forum
Learning & News => News related to Crypto => Topic started by: ABCbits on April 23, 2025, 11:08:59 AM
-
How This Ethereum DeFi Project Just Lost Nearly $800K
For all decentralized finance’s promise to democratize access to financial services, dabbling in the space can often feel like adventuring through the Wild West as it continues to be plagued by security issues, often with no recourse for users.
The latest instance highlighting this is the hack of an up-and-coming DeFi project on the Ethereum network... Read more here (https://finance.yahoo.com/news/ethereum-defi-project-just-lost-120103102.html).
It's crazy to see ROAR team give important piece of their project to contractor, without proper audit afterwards. But it seems the rouge contractor is impatient, since total stolen ROAR is just about 0.012% of ROAR total supply. Upon re-checking DEX data, the total stolen 1ROR/ROAR is about 1% of total supply. Your opinion is greatly appreciated.
-
Whoa...the excitement of the $ROAR has unfortunately turned into a stifled $MEOW! Such a kind of a vulnerability has become one of the many things plaguing the DeFi sector and has become a big source of business revenue for rogue players all affecting the cryptocurrency industry. Don't get me wrong...I will continue on believing in the full and game-changing potential of DeFi but there must be a way to proactively avoid a problem like this as this is another dagger on the confidence and trust of the people in investing their money in this space. There has been no quarter (3 months) when we don't hear a similar story and I pity the possible victims on this case. I am hoping that $ROAR will eventually gets the power to do its roaring in the market.
-
It's crazy to see ROAR team give important piece of their project to contractor, without proper audit afterwards.
So if I'm reading this correctly, one of their developer (not their core ones, according to their claim) managed to sneak in a backdoor in the code that allows this to happen. I guess they trusted them to some extent, because it's hard to believe they hire random people/businesses without doing any research at all. They also claim they'll sue or do something to punish this developer, too, so that's that. I guess this project has limited manpower to verify the code, so they just dump that to another party and assume everything is well, or their Q&A team is terrible at their job considering how easy it is for others to point out the fault of the smart contract (judging from the article narration at least).
-
Don't get me wrong...I will continue on believing in the full and game-changing potential of DeFi but there must be a way to proactively avoid a problem like this as this is another dagger on the confidence and trust of the people in investing their money in this space. There has been no quarter (3 months) when we don't hear a similar story and I pity the possible victims on this case. I am hoping that $ROAR will eventually gets the power to do its roaring in the market.
it seems like almost no one can be trusted within this community they report that the one who did the malicious act was a contracted developer anyone could commit these acts should they have enough access to the project i do not think this is specific to defi projects because as i said anyone can commit this kind of thing if they were just given enough access to the project which in this case being a developer allows him access to pretty much everything in the project and he took advantage of such privilege
it is hard to protect the project when the very person who will cause harm to is someone who is part of the team that are supposed to make the project work and succeed
-
So if I'm reading this correctly, one of their developer (not their core ones, according to their claim) managed to sneak in a backdoor in the code that allows this to happen. I guess they trusted them to some extent, because it's hard to believe they hire random people/businesses without doing any research at all. They also claim they'll sue or do something to punish this developer, too, so that's that.
Such news cannot be verified, as even the reported breaches could have been carried out in collaboration with the #DevelopmentTeam or by a former employee, especially since many of these projects focus on profit rather than development, and many decentralized bridges are centralized at some point.
-
Whoa...the excitement of the $ROAR has unfortunately turned into a stifled $MEOW!
That made me laugh, since the news mentioned the price crashed for a while.
It's crazy to see ROAR team give important piece of their project to contractor, without proper audit afterwards.
So if I'm reading this correctly, one of their developer (not their core ones, according to their claim) managed to sneak in a backdoor in the code that allows this to happen. I guess they trusted them to some extent, because it's hard to believe they hire random people/businesses without doing any research at all. They also claim they'll sue or do something to punish this developer, too, so that's that. I guess this project has limited manpower to verify the code, so they just dump that to another party and assume everything is well, or their Q&A team is terrible at their job considering how easy it is for others to point out the fault of the smart contract (judging from the article narration at least).
I can see the core team trust this contractor developer. But even if they can't do it themselves, they could use 3rd party audit service.
-
I don't know if it seems to me or that DeFi is full of holes like Swiss cheese? It seems that it's not even a question of whether such projects can be hacked, but only a question of when someone will do it - so I wonder why people still believe in such things and invest in them?
-
It's crazy to see ROAR team give important piece of their project to contractor, without proper audit afterwards. But it seems the rouge contractor is impatient, since total stolen ROAR is just about 0.012% of ROAR total supply. Your opinion is greatly appreciated.
Well, that's a shame I didn't know about this project. Maybe it's still in development and doesn't have official users yet, so the $785K loss of 100M 1ROR only affects the #DevelopmentTeam instead of DeFi users.
I thought we were long past the DeFi hack season, but now things still seem unsafe for even project teams. They misplaced their trust in an "outsourcing" partner for their protocol, and the consequences followed. I hope this incident isn't misunderstood as a sign of DeFi insecurity on Ethereum. If whales want to exploit this news to further suppress the ETH price, that would be a really harsh and risky move.
-
It's crazy to see ROAR team give important piece of their project to contractor, without proper audit afterwards. But it seems the rouge contractor is impatient, since total stolen ROAR is just about 0.012% of ROAR total supply. Your opinion is greatly appreciated.
Well, that's a shame I didn't know about this project. Maybe it's still in development and doesn't have official users yet, so the $785K loss of 100M 1ROR only affects the #DevelopmentTeam instead of DeFi users.
I thought we were long past the DeFi hack season, but now things still seem unsafe for even project teams. They misplaced their trust in an "outsourcing" partner for their protocol, and the consequences followed. I hope this incident isn't misunderstood as a sign of DeFi insecurity on Ethereum. If whales want to exploit this news to further suppress the ETH price, that would be a really harsh and risky move.
Actually, the hack and more criminality is still on rampage on the entire crypto economy, and not just the DEFI alone, it is almost uncontrollable generally.
As for the ROAR project team, I think they relyied on the partner so much that they thought that every thing is fine, unfortunately they lost huge amounts. This may negatively impact the overall development of this project, and it is also an eye opener for projects to be mindful of who they partner with, and the level of trust given to partners with regard to managing confidencial or sensitive documents.
-
I never invest in such projects and i wonder why people do it. There is always negative news like this about backdoors, scams and hacks. This scenario is a very interesting one as the project was hacked by contractors hired by the projects themselves, it is crazy.
-
Investing in such projects is always risky, either one will make fortunate from such investment or end up losing the money that he/she has invested and that's a fact. I've lost so much money by investing in such projects and personally I will stay away from any new project and focus more on the blockchains that're already established. Why not to invest in Solana, ETH, BTC, TON, rather than investing in such coins?