MM.Finance, the largest Defi platform on the Cronos blockchain, has been hit by a massive cyberattack. As a result, the hackers involved stole more than $2 million in CRO tokens from users.
A Frontend Exploitation
MM.Finance, which has the largest ecosystem on Cronos confirmed the hack on Wednesday. The DeFi initiative also cautioned its users not to conduct transactions due to the frontend compromise. According to the project, the attacker was successful in inserting a malicious contract address into the frontend code. It also highlighted that a Domain Name System (DNS) exploit was utilized to change the router contract address in the platform's stored files. In other words, the exploiter used a fraudulent contract address to redirect incoming funds to their own wallet.
Moreover, MM.Finance voiced concern about users who have lost their funds and are in a state of panic. The cyberattack harmed users who performed actions such as swapping, adding, or removing liquidity during the attack.
Subsequently, the stolen funds were transferred to the Ethereum network via the Multichain protocol before being diverted to a private protocol called Tornado Cash. Following that, MM.Finance revealed that the funds ended up at OKX exchange.
Although the hack disrupted the project's activities, the price of MMF was only momentarily influenced. Interestingly, liquidity remained solid, with over $800 million in total value locked (TVL) as of yesterday.
So far, MM.Finance has compiled the addresses of victims of the attack, and the team has assured them of compensation and reimbursement. The team will also set up a compensation pool that will last 45 days.
Also concerning the attack, the Cronos-based DeFi project stated that it will confer with other security organizations. The firms will subsequently investigate DNS setups at the service provider level to prevent similar attacks. In addition, MM.Finance will remove two service providers from its distribution layer to drastically limit the cyberattacks.