Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Terra blockchain experienced a security breach that led to the theft of tokens. The attackers exploited a known vulnerability related to the third-party module IBC hooks, stealing the value of cross-chain assets, including USDC stablecoins and Astroport tokens. The Terra team has taken emergency measures to prevent further losses and coordinated with validators to apply a patch to fix the vulnerability. According to Zaki Manian, co-founder of Sommelier Finance, although the vulnerability was patched in the Cosmos ecosystem back in April, Terra did not include this patch in their June upgrade, resulting in the vulnerability being re-exposed and exploited. Attack method (per SlowMist): Third-party Vulnerability. Reported loss: $ 5,280,000.
- chain
- —
- protocol
- Terra
- bug_class
- infrastructure
- date_occurred
- 2024-07-31
- loss_usd
- $5,280,000
- source_id
- sm:terra::2024-07-31