{"id":76705,"date":"2023-04-05T11:15:51","date_gmt":"2023-04-05T08:15:51","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=76705"},"modified":"2025-09-10T18:58:11","modified_gmt":"2025-09-10T15:58:11","slug":"hacker-extracts-at-least-500000-from-the-sentiment-protocol","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/hacker-extracts-at-least-500000-from-the-sentiment-protocol\/","title":{"rendered":"Hacker Extracts at Least $500,000 From the Sentiment Protocol"},"content":{"rendered":"<p>The DeFi liquidity protocol Sentiment was attacked. An unknown actor stole over $500,000 in digital assets.<\/p>\n<blockquote class=\"twitter-tweet\" data-lang=\"en\">\n<p lang=\"en\" dir=\"ltr\">1\/2 <br \/>The Sentiment team is currently investigating the indictable extraction of funds from the Sentiment protocol. <\/p>\n<p>We have taken steps to identify the exploit\u2019s root cause and mitigate further protocol misuse.<\/p>\n<p>\u2014 Sentiment (@sentimentxyz) <a href=\"https:\/\/twitter.com\/sentimentxyz\/status\/1643391973280083970?ref_src=twsrc%5Etfw\">April 4, 2023<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The project team confirmed the incident but did not disclose the loss amount. The developers launched an investigation, seeking assistance from law enforcement and analytics firms.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&#8220;The Sentiment team is currently investigating the withdrawal of funds from the protocol. We have taken steps to identify the exploit\u2019s root cause and mitigate further malicious actions&#8221;, said Sentiment.<\/p>\n<\/blockquote>\n<blockquote class=\"twitter-tweet\" data-lang=\"en\">\n<p lang=\"en\" dir=\"ltr\">1\/2 <br \/>The Sentiment team is currently investigating the indictable extraction of funds from the Sentiment protocol. <\/p>\n<p>We have taken steps to identify the exploit\u2019s root cause and mitigate further protocol misuse.<\/p>\n<p>\u2014 Sentiment (@sentimentxyz) <a href=\"https:\/\/twitter.com\/sentimentxyz\/status\/1643391973280083970?ref_src=twsrc%5Etfw\">April 4, 2023<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>According to on-chain researchers, the attacker exploited a re-entrancy bug on Balancer to execute malicious code. He took a flash loan on Sentiment, manipulating data to inflate the collateral price and withdrew 536,738.4 USDC via the Synapse Bridge on the <a href=\"https:\/\/u1f987.com\/en\/news\/what-is-arbitrum\">Arbitrum<\/a> network.<\/p>\n<blockquote class=\"twitter-tweet\" data-lang=\"en\">\n<p lang=\"en\" dir=\"ltr\">Quick analysis we made with <a href=\"https:\/\/twitter.com\/lekhovitsky?ref_src=twsrc%5Etfw\">@lekhovitsky<\/a> about <a href=\"https:\/\/twitter.com\/sentimentxyz?ref_src=twsrc%5Etfw\">@sentimentxyz<\/a> incident: <a href=\"https:\/\/t.co\/CHfr0lB19O\">https:\/\/t.co\/CHfr0lB19O<\/a><\/p>\n<p>TL;DR:<br \/>Attacker used view re-entrance Balancer bug to execute malicious code before pool balances were updated and steal money using overpriced collateral<\/p>\n<p>\u2014 0xmikko.eth (@0xmikko_eth) <a href=\"https:\/\/twitter.com\/0xmikko_eth\/status\/1643345158451208192?ref_src=twsrc%5Etfw\">April 4, 2023<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Some experts noted that this was a recurring attack.<\/p>\n<p>Beosin researchers determined that losses from the attack amounted to about $1 million. They confirmed that the attacker used a reentrancy bug.<\/p>\n<blockquote class=\"twitter-tweet\" data-lang=\"en\">\n<p lang=\"en\" dir=\"ltr\">Sentiment protocol was under an attack with a loss of ~$1 million caused by a price error due to reentrancy.<a href=\"https:\/\/t.co\/1cFOxqpbZV\">https:\/\/t.co\/1cFOxqpbZV<\/a> <a href=\"https:\/\/t.co\/5biOuaIKCo\">https:\/\/t.co\/5biOuaIKCo<\/a> <a href=\"https:\/\/t.co\/2Luk7YcuLA\">pic.twitter.com\/2Luk7YcuLA<\/a><\/p>\n<p>\u2014 Beosin Alert (@BeosinAlert) <a href=\"https:\/\/twitter.com\/BeosinAlert\/status\/1643476343886327808?ref_src=twsrc%5Etfw\">April 5, 2023<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>According to DeFi Llama, in the wake of the hack the value of assets blocked in Sentiment plummeted by almost half\u2014from $10.78 million to $5.27 million.<\/p>\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/lh3.googleusercontent.com\/ZfSeG-NjfPBTmKaDbXdFAbMYIdBoYq5u2fTKPqYZcqkoNWcHMVZqGfUbuAt2nekQ0P0FEfmlgjo2OS6PYTsHtDKTb9BzORifmK9t70TGMo1BB0SnBn3BQjihcnqW2fod1oxNf-3oao9pmTwmzoJnuK4\" alt=\"Hacker extracts at least $500,000 from Sentiment protocol\"\/><figcaption>Data: DeFi Llama.<\/figcaption><\/figure>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&#8220;Today\u2019s $1 million dollar Sentiment attack involved a whole festival of classic security problems, including bad reentrancy behavior on Balancer\u2019s part. <\/p>\n<p>But the core problem was that Sentiment totaled up the assets on an AMM to get a dollar value for them. <a href=\"https:\/\/t.co\/Q1GmqN0Dv2\">https:\/\/t.co\/Q1GmqN0Dv2<\/a>&#8221; said blockchain specialist Daniel Von Fange.<\/p>\n<\/blockquote>\n<p>As reported in April, the Allbridge cross-chain bridge lost digital assets worth <a href=\"https:\/\/u1f987.com\/en\/news\/hacker-attacked-allbridges-liquidity-pools-developers-halt-cross-chain-bridge\">about $570 000<\/a> in a hacking incident.<\/p>\n<p>In an interview with ForkLog, project cofounder Andrey Velikiy <a href=\"https:\/\/u1f987.com\/en\/news\/allbridge-co-founder-reveals-real-losses-and-the-attack-vector-on-the-protocol\">spoke about the real amount of damage<\/a> and the attack vector on the protocol, the possibility of recovering funds, and a plan to compensate affected users.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The DeFi liquidity protocol Sentiment was attacked. An unknown actor stole over $500,000 in digital assets.<\/p>\n","protected":false},"author":1,"featured_media":76706,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1154],"class_list":["post-76705","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-crimes"],"aioseo_notices":[],"amp_enabled":true,"views":"31","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/76705","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=76705"}],"version-history":[{"count":1,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/76705\/revisions"}],"predecessor-version":[{"id":76707,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/76705\/revisions\/76707"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/76706"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=76705"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=76705"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=76705"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}