CertiK: Vow suffered $1.2m exploit, token plunged 80%

08/14/2024 14:52
CertiK: Vow suffered $1.2m exploit, token plunged 80%

Vow suffered a $1.2 million exploit as it tested a new rate setter function

CertiK: Vow suffered $1.2m exploit, token plunged 80%

Vow, a decentralized discount voucher issuer, recently suffered an exploit that put its native token on the cusp of a collapse. 

According to a CertiK report shared with crypto.news, Vow was exploited to $1.2 million immediately after the platform tested a rate setter function on Aug. 13. 

Per Vow’s X post, the testing took a total of 15 to 30 seconds from changing the rate setter to reverting it back to its normal setting. During the test, the report says, the amount of “vUSD received per VOW token was changed from 1 to 100.”

Subject: Update on Recent Market Incident and Ongoing Efforts

Dear Community,

We want to clarify the recent incident that has occurred while our team was testing the USD rate setter function of the v$ contract in order to mint v$ for the new lending pool and oracle functions.…

— Vow (@Vowcurrency) August 13, 2024

While the team was testing the new rate for a short span of time, a bot acquired 20 million Vow (VOW) tokens, worth $6.6 million at the time of the exploit, and then swapped the tokens for Ethereum (ETH) on Uniswap V2 for a total of 452 ETH, worth $1.23 million.

Vow added that the team is working on a fix and increased the token’s burn rate to 50%. This will help VOW’s circulating supply drop to its normal level.

Update: MVD Notification of VSR burn rate change with immediate effect

As part of ongoing measures to mitigate the impact of the exploit noted earlier today, the ecosystem priority is to reduce discount vouchers in supply to the pre-exploit state.

For clarity $VOW supply has…

— Vow (@Vowcurrency) August 13, 2024

The exploiter still holds the ETH received from Uniswap, according to Etherscan data

Unlike the majority of the hacks within the crypto ecosystem, the attacker didn’t deposit the funds into a newly-created wallet. On-chain data shows that the attacker address interacted with the popular cryptocurrency mixer, Tornado Cash, around four months ago on April 23.

At this point, the VOW token is down by 80% in the past 24 hours and is trading at $0.06 at the time of writing. The asset’s market cap is currently sitting at $41 million. 

CertiK: Vow suffered $1.2m exploit, token plunged 80% - 1
VOW price – Aug. 14 | Source: CoinGecko

The fear around the hack triggered a 1,400% increase in VOW’s daily trading volume, taking it to the $12 million mark.

According to a Crystal Intelligence report in June, the cryptocurrency ecosystem lost roughly $20 billion to hackers and scammers since 2011. In the second quarter of 2024 alone, the industry fell victim to 72 incidents and lost $572.7 million to malicious actors.

Read more --->