Tag: Furucombo

Furucombo Will Issue IOU Tokens to Compensate Hack Victims

by Cryptobriefing

Key Takeaways

  • Furucombo will issue 5 million iouCOMBO tokens to compensate victims of the hack.

  • The iouCOMBO tokens will have a 360-day linear-vesting period.

  • The team has reported the hacking incident to law enforcement.


The DeFi news category was brought to you by Ampleforth, our preferred DeFi partner


Share this article



Furucombo has announced that they will issue “iouCOMBO” tokens to the victims.

Furucombo to Reimburse Hack

Furucombo was hacked on Feb. 27 for $14 million in ETH and ERC-20 tokens.

This affected 22 users who lost their funds. The team lost $1.74 million of working capital in the hack.

On Mar. 2, the team announced that they had fixed the exploit and subsequently deployed a new proxy smart contract.

SIMETRI
Nexo Earn

The team will compensate the victims of the hack by issuing 5 million IOU tokens. These iouCOMBO tokens will be in the form of ERC-20 tokens and represent the right to claim COMBO tokens.

These 5 million tokens will be allocated to the recovery pool. One million of the allocated funds will come from the core team, while the remaining 4 million will come from its community growth fund. This allocation will go live in April after the security audits have been completed.

These iouCOMBO tokens will have a 360-day linear-vesting period.

For example, if Alice has 1,000 iouCOMBO tokens, when she locks-up her iouCOMBO in the recovery pool on April 14th, she will be able to claim 1,000 * (45/360) = 125 COMBO immediately. She can claim the remaining 875 COMBO gradually in the following 315 days.

SIMETRI 10x potential
Sorare

Additionally, the team has reported the hacking incident to legal authorities. They are cooperating with Certora to get a full audit and are seeking an additional firm so that they can have audits from two different companies.

On Jan.7, Furucombo raised a sum of $1.85 million in their seed round funding.

The market has reacted negatively to this announcement. Furucombo’s native COMBO token price is trading at $2.39, down 18.7% in the past 24 hours.

Disclosure: The author didn’t hold crypto mentioned in this article at the time of press.

The DeFi news category was brought to you by Ampleforth, our preferred DeFi partner

Ampleforth Adaptive Gold Stablecoin

This news was brought to you by ANKR, our preferred DeFi Partner.


Share this article



The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.

You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.

See full terms and conditions.



DeFi Transaction Bundler Furucombo Hacked for $14 Million

Furucombo, a dApp focused on easily creating multi-step transactions for trading and DeFi without knowing how to code, just got compromised. At press time, a hacker managed to drain over…

Project Spotlight: Furucombo

Furucombo takes the “money legos” slogan and turns into a single platform. The slogan refers to the reduction of traditional financial tools into their constituent parts. Once reduced to these…

Looking Back on 2020 and 2021 Predictions

Happy New Year from all of us at Crypto.com Research! 2020 was an unprecedented year for the world and for crypto. Before we fully plunge into 2021 predictions, we will…

DeFi Money Lego App Furucombo Lands $1.85M Investment Ahead of Token L…

Decentralized finance aggregator platform Furucombo has raised $1.85 million in a seed funding round from leading DeFi venture capitalists.  Furucombo’s DeFi Legos Earn Investors’ Attention The funding round was led…



Source

Tagged : / / /

Transaction batching protocol Furucombo suffers $14 million “evil contract” hack

by Cointelegraph

The latest “evil contract” exploit has netted an attacker over $14 million in stolen funds. 

Furucombo, a tool designed to help users “batch” transactions and interactions with multiple protocols at once, fell victim to the attack which centered on token approvals from users.

The attacker’s address currently has $14 million is various cryptocurrencies, but the attack appears to be larger as they have been transferring ETH to privacy mixer Tornado Cash in batches over the last hour.

This attack is conceptually similar to the $20 million “evil jar” attack that struck Pickle Finance last year, as well as the $37 million “evil spell” exploit that hit Alpha Finance earlier this month. In these “evil contract” exploits, an attacker creates a contract that fools a protocol into believing it belongs there, giving them access to protocol funds.

In this case, the attacker ‘tricked’ the Furucombo protocol into thinking that their contract was a new verison of Aave. From there, instead of draining funds from the protocol as in previous evil contract exploits, they instead leveraged the ability to take the funds of every user who had given the protocol token permissions. 

“Infinite permissions means you can wipe everyone who interacted with Furucombo,” said whitehat hacker and co-founder of DeFi Italy in a statement to Cointelegraph.

This exploit type appears to be growing increasingly popular, now accounting for over $70 million in user funds lost in just a few months.

The team confirmed the attack in a Tweet, saying that they “believed” they’d mitigated the exploit but recommended revoking permissions “out of an abundance of caution:”

Users can leverage tools like revoke.cash to do so. 

The attack comes during a period of wider reflection in the DeFi world on security and the utility of auditing companies. In the last three months, three different auditing and code review services have emerged, each with a different incentive model designed to encourage more thorough and dynamic security practices.