hack

On September 12, the bZx decentralized finance (deFI) platform suffered from an attack where the attacker was able to obtain control over $8 million worth of cryptocurrency. The fault was due a single misplaced line in their iToken smart contract’s transferFrom method, allowing an attacker to duplicate their tokens, consequently allowing them to increase their token balance arbitrarily. The bug remained hidden, though, during an extensive 19 person-week auditing by two security companies, Peckshield and CertiK.