EasyFi Hacked for $81 Million

Summary

On April 19, 2021, a hacker stole $81 million worth of cryptocurrency from EasyFi, a decentralized finance platform. The hacker introduced a malicious version of MetaMask into the computer and stole the private key.

Attackers

The identity of the hackers who attacked EasyFi is unknown.

Hacker ETH Wallet:

Losses

EasyFi estimated the losses from the hack to be $81 million. The stolen assets included:

  • 2.98 million EASY
  • $6 million in USDT and DAI

Timeline

Security Failure Causes

  • Injection Vulnerability Exploitation: The attacker injected a malicious version of MetaMask, showcasing a severe injection vulnerability which allowed unauthorized access to mnemonic/private keys to execute unauthorized transactions.
  • Insufficient Access Controls: The machine compromised was dedicated to official transfers but was successfully accessed by the attacker, indicating inadequate access control measures.
  • Delayed Incident Response: The machine’s offline status at the time of attack delayed the response, enabling the attacker to drain substantial assets from the protocol, reflecting a need for enhanced incident detection and response strategies.