Meter, a blockchain infrastructure firm, says $4.4 million was stolen after an assault on the platform that began at 9 a.m. ET on Saturday. According to the company, it administers infrastructure that enables smart contracts to scale and transit across heterogeneous blockchain networks. The hack had an impact on both the Meter and Moonriver networks. PeckShield, a blockchain research company, verified that 1391 ETH and 2.74 BTC were stolen during the attack.
On Saturday about 2 p.m. ET, the firm announced that it had been hacked and advised users not to trade unbacked meterBNB circulating on Moonriver. "We have identified the issue: Passport has a feature to automatically wrap and unwrap gas tokens like ETH and BNB for user convenience. However, the contract did not block direct interaction of the wrapped ERC20 tokens for the native gas token and did not properly transfer and verify the correct number of WETH transferred from the callers' address. We are working on compensating funds to all affected users," the company explained.
Meter said that about 6 a.m. Pacific time, they discovered that someone had exploited a bridge vulnerability to mint a significant number of BNB and WETH tokens, depleting the bridge reserve for BNB on WETH. They promptly halted all bridge transactions and launched an investigation. Within 30 minutes, they determined that the problem was caused by a flaw in the Meter team's automatic wrap and wrap of native tokens such as BNB and ETH.
All of the other tokens and reserves are SAFU. Meter discovered some early indications of the hacker and are cooperating with authorities. They urged the hacker to return the funds.
"We are working on taking snapshots and designing a compensation plan to the WETH and BNB holders and LP providers. We urge all the liquidity providers that provide liquidity involving WETH and BNB to remove liquidity from the pool and wait for an additional announcement from the Meter team," they added.
On February 2nd, $324 million was stolen via the widely used decentralised cross-chain message-passing protocol Wormhole. Researchers discovered proof of an 80,000 ETH transfer from Wormhole, as well as the hacker selling another 40,000 ETH on Solana. They have offered $10 million in restitution to the hacker and the same sum to anyone who can provide information "leading to the arrest and conviction of those responsible for the hack."
