Terra’s Mirror Protocol is said to be vulnerable to a new exploit.
According to “Mirroruser,” a pseudonym who wrote on the Terra Research Forum on May 28, 2022, the DeFi application Mirror Protocol, which is built on Terra, is supposedly vulnerable to yet another attack. This afternoon, “@FatManTerra” reiterated it on Twitter. According to FatMan, who has been commenting on the Terra research forum for the past several weeks, a defect in the LUNC pricing oracle has purportedly drained over $2 million, and maybe more, from the current exploit. The buggy oracle, according to his report, is threatening to drain all liquidity pools on Mirror.
FatMan mentioned past attacks on the Mirror Protocol last week. The Mirror Protocol is a decentralized finance (DeFi) platform that enables users to produce and trade “mirrored assets,” or mAssets, that “reflect” stock prices, including major equities listed on US exchanges. Mirror Protocol was hacked for $90 million in October 2021 on the old Terra blockchain, which remained unreported until this week, according to The Block. Developers stated Friday that Terra’s new blockchain was deployed over the weekend, which featured an airdrop of fresh LUNA coins to users as part of a bigger attempt to resuscitate the ecosystem.
Mirror Protocol, a DeFi program, was victimized by a $90 million vulnerability on the old Terra blockchain in October 2021, and it remained entirely undiscovered until this week. The Mirror protocol allowed users to utilize synthetic assets to take long or short bets on tech stocks. It was built on Terra, which crashed earlier this month when its main stablecoin lost its peg to the US dollar, causing its sister token Luna to crash as well. (The original blockchain has been restored as Terra 2.0, while the original chain has been resurrected as Terra Classic.) “FatMan,” a Terra community member and analyst, discovered the issue. He was one of the loudest critics of the Terra blockchain’s recent launch. BlockSec, a security firm, corroborated the community member’s findings by reviewing the same attack transaction. BlockSec confirmed that an exploit had taken place.