The Terra blockchain faced a severe security exploit of approx. $6 million due to a vulnerability in the IBC hooks module, allowing an attacker to drain substantial assets.
However, block production resumed at 4:19 AM UTC today after a critical emergency upgrade, with over 67% of validators updating their nodes.
The exploit targeted bridged assets, including the USDC stablecoin and ASTRO tokens from Astroport Finance. Security firm Beosin estimates that over $6 million in tokens were stolen, leading to a 60% drop in ASTRO’s value.
This vulnerability had been previously patched across the broader Cosmos ecosystem in April 2024 but was overlooked in Terra’s June upgrade, leaving the network exposed.
The breach allowed attackers to execute malicious CosmWasm contracts through IBC interactions, resulting in the re-minting of assets. Specifically, attackers drained 3.5 million axlUSDC, 500k USDT, 2.7 BTC, and 60 million ASTRO tokens.
The compromised tokens were minted into the attacker’s wallet and transferred out before being “burnt” upon exit. This manipulation inflated the total value locked (TVL) figures on Terra, reflecting assets that no longer exist.
AD 4nXdr6j
Image Source: CyversAlerts
Terra blockchain paused operations at block 11,430,400, halting all user transactions. The team, in collaboration with Terra (Phoenix-1) validators, will implement an emergency patch to address a suspected exploit during this downtime, according to their official X post.
In response, Terra swiftly implemented emergency measures, coordinating with validators to apply an urgent patch to address the exploit. The incident underscores a critical need for robust security measures in blockchain infrastructure to prevent such vulnerabilities.
As the digital asset world grapples with these revelations, the spotlight is on Terra to strengthen its security protocols and restore confidence in its network. This breach highlights the ongoing challenges in securing blockchain systems and the necessity for continuous vigilance and upgrades.