Skyward finance exploit allegedly results in $3 million loss
Skyward finance, an IDO platform enabling fair token distribution for projects on the NEAR Protocol, has reportedly been exploited for 1.1M NEAR tokens, worth an estimated $3 million USD at time of publication.
The news was shared on Twitter by Aurora Lab's community moderator Sanket Naikwadi, who stated that the exploit was first noticed by a member of the NEAR protocol community, who goes by the handle @Nearscout.
The @skywardfinance was just exploited for ~1.1M $NEAR Tokens (Worth ~3M) . Thnx to @NearScout for noticing the treasury drain, he pinged me asking if something is wrong with skyward... then we looked into contract txns and found out about the exploit and sus txns.smol
— SankΞt Ⓝ⚡️| sanketn81.near ,sanketn81.lens (@sanket_naikwadi) November 2, 2022According to the series of tweets on the exploit, Ref finance — a community-led multi-purpose DeFi platform built on the NEAR Protocol — and the Skyward team have been notified of the drain.
The exploiter reportedly initiated the drain by buying lots of skyward tokens on Ref Finance, and “then redeemed it through Treasury on Skyward Finance.”, where they appear to have “got lots of NEAR than what 1 SKYWARD was worth”.
Naikwadi cautioned SKYWARD Token holders to redeem or swap their tokens wherever they can, and no longer interact with Skyward Finance, adding that the “Hacker has already withdrawn NEAR to lots of different wallets.”
If you're a SKYWARD Token holder redeem/swap wherever you can and no longer interact with Skyward Finance.Hacker has already withdrawn NEAR to lots of different wallets.Huge shoutout again to @NearScout.also, Shoutout to @pikespeak_ai , it helped a lot in identifying the txns
— SankΞt Ⓝ⚡️| sanketn81.near ,sanketn81.lens (@sanket_naikwadi) November 2, 2022Related: Barely halfway and October already the biggest month in crypto hacks: Finance Refined
Exploits within the Defi ecosystem appear to be on the rise. Blockchain analytics firm Chainalysis recentlylabeled October 2022 as “the biggest month in the biggest year ever for hacking activity."
On Oct 12, Cointelegraph reported that $100 million worth of cryptocurrency was drained from Solana-based decentralized finance (DeFi) exchange Mango Markets, resulting in its token plunging by 52%. On the same day of the Mango Market’s exploit, TempleDAO was also exploited for $2 million.