EasyFi Hacked for $81 Million

April 19, 2021

Summary #

On April 19, 2021, a hacker stole $81 million worth of cryptocurrency from EasyFi, a decentralized finance platform. The hacker introduced a malicious version of MetaMask into the computer and stole the private key.

Attackers #

The identity of the hackers who attacked EasyFi is unknown.

Hacker ETH Wallet:

0x83a2EB63B6Cc296529468Afa85DbDe4A469d8B37

Losses #

EasyFi estimated the losses from the hack to be $81 million. The stolen assets included:

2.98 million EASY
$6 million in USDT and DAI

Timeline #

April 19, 2021, 10:26:19 AM +UTC: Hacker conducts the malicious transaction.
April 20, 2021: EasyFi published exploit Post-Mortem, announced $1 million reward for refund and not to undertake any legal proceedings regarding this incident.
April 29, 2021 08:05:40 PM +UTC: EasyFi has conducted a hard fork, and created a new token contract in an effort to compensate users affected by the hack.

Security Failure Causes #

Injection Vulnerability Exploitation: The attacker injected a malicious version of MetaMask, showcasing a severe injection vulnerability which allowed unauthorized access to mnemonic/private keys to execute unauthorized transactions.
Insufficient Access Controls: The machine compromised was dedicated to official transfers but was successfully accessed by the attacker, indicating inadequate access control measures.
Delayed Incident Response: The machine’s offline status at the time of attack delayed the response, enabling the attacker to drain substantial assets from the protocol, reflecting a need for enhanced incident detection and response strategies.

Market Health Metrics API

Benford's Law

Volume distribution analysis

Time-of-Trade

Buy/Sell Ratio

VWAP

Attack Types

Entity Types

Target Entities

51% Attacks

Custodian Attacks

Flash Loan Attacks

Lockout Scams

Phishing Attacks

Reentrancy Attacks

Rug Pull Scam