Merlin Dex Liquidity Pool Hacked, Millions Stolen: What Happened and What Can We Learn?

According to Beosin EagleEye, the security risk monitoring, warning, and blocking platform of the blockchain security audit company Beosin, the Merlin Dex liquidity pool (0x82cf66e9a45Df1CD3837cF623F7E73C1Ae6DFf1e) on the zkSync chain was attacked on April 26, 2023. Attacker address one (0x2744d62a1e9ab975f4d77fe52e16206464ea79b7) directly called the transferFrom function to transfer 811K USDC out of the pool, and then used Anyswap to bridge the funds to its Ethereum main network address. Attacker address two (0xcE4ee0E01bb729C1c5d6D2327BB0F036fA2cE7E2) extracted 435.2 ETH from the token 1 contract (WETH) and then used Anyswap to bridge it to the Ethereum main network address (0x0b8a3ef6307049aa0ff215720ab1fc885007393d). The attackers made a total profit of approximately $1.8 million. The Beosin KYT anti-money-laundering analysis platform found that the stolen funds were still stored on the attackers' two Ethereum main network addresses mentioned above. Beosin will continue to monitor the stolen funds.

zkSync ecosystem DEX Merlin attacked; funds are still stored on the attackers' Ethereum main network addresses

The Merlin Dex liquidity pool on the zkSync chain became the target of a recent hacking incident in which attackers managed to steal millions of dollars' worth of cryptocurrency. The event has raised concerns about the security of decentralized finance (DeFi) and sparked discussion of how the industry can mitigate such risks. According to the Beosin EagleEye security risk monitoring, warning, and blocking platform under Beosin, the incident occurred on April 26, 2023.

Understanding the Attack

Beosin identified two attacker addresses in the hack: 0x2744d62a1e9ab975f4d77fe52e16206464ea79b7 and 0xcE4ee0E01bb729C1c5d6D2327BB0F036fA2cE7E2. The first address transferred 811K USDC out of the pool by directly calling the transferFrom function. The funds were then moved to an Ethereum main network address using Anyswap's cross-chain bridge. The second attacker address extracted 435.2 ETH from the token 1 contract and bridged it to an Ethereum main network address, also using Anyswap. In total, the attackers made about $1.8 million in profit.
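A defender-side check for the pattern described above, as an added example that is not code from Beosin or Merlin: it decodes top-level ERC-20 transferFrom calldata and flags calls that pull tokens out of a monitored pool when the caller is not an allow-listed spender. The transaction records, the token, router and user addresses, the 6-decimal scaling of the amount, and the function names are constructed assumptions; only the pool and attacker addresses come from the article.

```python
TRANSFER_FROM = "23b872dd"  # selector of transferFrom(address,address,uint256)

def decode_transfer_from(calldata):
    """Return (from, to, amount) for a well-formed transferFrom call, else None."""
    data = calldata.lower()
    data = data[2:] if data.startswith("0x") else data
    if len(data) != 8 + 3 * 64 or data[:8] != TRANSFER_FROM:
        return None
    src, dst, amount = (data[8 + i * 64: 8 + (i + 1) * 64] for i in range(3))
    if src[:24].strip("0") or dst[:24].strip("0"):  # address words are zero-padded
        return None
    try:
        return "0x" + src[24:], "0x" + dst[24:], int(amount, 16)
    except ValueError:  # non-hex characters in the amount word
        return None

def pool_drain_alerts(txs, pool, trusted_spenders=()):
    """Flag top-level transferFrom calls that pull tokens out of `pool`
    when the caller is neither the pool itself nor an allow-listed spender."""
    pool = pool.lower()
    trusted = {a.lower() for a in trusted_spenders} | {pool}
    alerts = []
    for tx in txs:
        decoded = decode_transfer_from(tx["input"])
        if decoded is None:
            continue
        src, dst, amount = decoded
        if src == pool and tx["from"].lower() not in trusted:
            alerts.append({"hash": tx["hash"], "spender": tx["from"].lower(),
                           "token": tx["to"].lower(), "to": dst, "amount": amount})
    return alerts

def _call(src, dst, amount):
    """Build transferFrom calldata for the constructed samples below."""
    pad = lambda addr: addr.lower()[2:].rjust(64, "0")
    return "0x" + TRANSFER_FROM + pad(src) + pad(dst) + format(amount, "064x")

POOL = "0x82cf66e9a45Df1CD3837cF623F7E73C1Ae6DFf1e"     # pool address from the article
SPENDER = "0x2744d62a1e9ab975f4d77fe52e16206464ea79b7"  # attacker address one from the article
TOKEN, ROUTER, USER = ("0x" + b * 20 for b in ("11", "22", "33"))  # placeholders
SAMPLE_TXS = [  # constructed records, not real chain data
    {"hash": "tx-1", "from": ROUTER, "to": TOKEN, "input": _call(USER, POOL, 5_000_000)},
    {"hash": "tx-2", "from": SPENDER, "to": TOKEN, "input": _call(POOL, SPENDER, 811_000 * 10**6)},
    {"hash": "tx-3", "from": USER, "to": TOKEN, "input": "0xa9059cbb" + "00" * 64},
]

if __name__ == "__main__":
    for alert in pool_drain_alerts(SAMPLE_TXS, POOL):
        print(alert)
```

The check only sees calls made directly in a transaction's input data, which matches the direct transferFrom call the report describes; calls made from inside another contract would need trace data instead.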

Beosin’s Response

Upon discovering the hack, Beosin's KYT anti-money-laundering analysis platform traced the stolen funds and found that they were still stored on the attackers' two Ethereum addresses. Beosin will continue to monitor these addresses to prevent the hackers from cashing out the stolen funds.

Lessons Learned

The Merlin Dex hack highlights the need for tighter security controls in DeFi. Smart contracts should undergo frequent and thorough security audits to detect and prevent vulnerabilities. Developers should also implement multi-signature wallets to limit the potential damage from a single compromised user. Moreover, regulatory authorities should accelerate their efforts to provide clear guidelines, guidance for investors, and legal frameworks for decentralized finance platforms, which can help prevent criminal activities, money laundering, fraud, and other illegal acts.

Conclusion

The Merlin Dex liquidity pool hack is a stark reminder of the risks associated with investing in decentralized finance. As the industry continues to grow, it is essential that developers, regulators, and investors collaborate to improve the security and stability of DeFi platforms. By continuing to elevate security standards and implementing appropriate controls, the DeFi industry can continue to evolve and mature.

FAQs

Q1. What is Merlin Dex?
Merlin is a decentralized exchange (Dex) that uses zero-knowledge proofs (ZKP) to enhance privacy and transaction speed.
Q2. Can the stolen funds be recovered?
It is unlikely that the stolen funds can be recovered as they have already been transferred to the Ethereum network. However, Beosin is still monitoring the attacker addresses and working to prevent the hackers from cashing out.
Q3. What can individual investors do to protect themselves from DeFi hacks?
Individual investors should conduct thorough research on the DeFi platforms they are investing in and ensure they use reputable and regulated platforms. Implementing a multi-signature wallet and using a virtual private network (VPN) can also help protect against hacks.
