Team Finance Suffers $14.5 Million Security Breach

Summary

Team Finance experienced a significant breach on the Ethereum blockchain during a migration process from Uniswap v2 to v3, resulting in the theft of approximately $14.5 million. The exploit was executed through vulnerabilities in the smart contract, facilitating unauthorized token transfers and manipulations of the Initialize price within the V3 liquidity pool.

Attackers

The identity of the hackers who attacked Team Finance is unknown.

Hacker Ethereum Wallets:

Losses

Team Finance lost approximately $14.5 million in total:

  • ETH: 880
  • DAI: 6,429,327
  • CAW: 74,613,657,704
  • TSUKA: 1,183,757

Timeline

Security Failure Causes

  • Smart Contract Vulnerability: The breach was facilitated by a smart contract vulnerability, where inadequate security checks allowed attackers to bypass safeguards during the token migration process. This included the manipulation of liquidity pool prices and the execution of unauthorized token transfers, leveraging the system’s weaknesses for substantial financial gain.