Hackers have stolen $4.4 million from US-based Blockchain infrastructure company Meter during a cyberattack on the platform on Saturday.
The company said it manages an infrastructure that allows smart contracts to scale and travel through heterogeneous blockchain networks. The Meter network and the Moonriver network were affected by the hack, ZDNet reported.
Blockchain research company PeckShield confirmed that 1391 ETH and 2.74 BTC were stolen during the incident.
Meter was hacked around 2 pm ET on Saturday. The company urged users not to trade unbacked meterBNB circulating on Moonriver.
“We have identified the issue: Passport has a feature to automatically wrap and unwrap gas tokens like ETH and BNB for user convenience,” Meter said.
“However the contract did not block direct interaction of the wrapped ERC20 tokens for the native gas token and did not properly transfer and verify the correct number of WETH transferred from the callers’ address. We are working on compensating funds to all affected users.”
By 6 pm ET, Meter wrote that it stopped all bridge transactions and discovered that the issue related to a bug introduced in the automatic wrap and wrap of native tokens like BNB and ETH extended by the Meter team.
Meter said its extended code had a wrong trust assumption that let the hacker fake BNB and ETH transfers by calling the underlying ERC20 deposit function.
They are working with authorities and said they found some early traces of the hacker, urging the culprit to return the stolen money.
On Wednesday, hackers have stolen $324 million through the decentralized cross-chain message-passing protocol Wormhole.
