• Certik Alert revealed a cynical attack on Midas Capital, in which the exploiter acquired 663,101 MATIC worth $660,000.
• Midas Capital announced a pause on borrowing activities due to an investigation of a suspicious transaction involving a recently added collateral token (WMATIC_STMATIC).
• Midas Capital had made a wrong judgement in assuming a pool comprised solely ERC20’s wrapped assets.
Midas Capital, a venture capital organization that funds and supports blockchain projects to their success, recently announced the pause of their borrowing activities on the Jarvis Polygon pool. This was a result of an investigation into a suspicious transaction which included a recently added collateral token (WMATIC_STMATIC).
The token was listed last week on the official Midas capital website with a supply cap of 250,000. The company discussed adding the token with its team (Jarvis network) to add new options for pool utilizers. Implementation of the supply caps was to the prevention of grand borrows against such Liquidity pool tokens and was yet enough.
However, blockchain security watch firm Certik Alert revealed a cynical attack on Midas Capital. The firm added that the exploiter (0x1863…) gained 663,101 MATIC, worth $660,000 at the time of writing. The attack was successful due to Midas Capital’s wrong judgement in assuming that a pool comprised solely ERC20’s wrapped assets, and that the previous re-entry attack wouldn’t affect them while using ‚raw call‘ the chain’s native token. This was similar to an event that Midas Capital experienced before launching BNB with Ellipsis when the company highly backed LP tokens as collaterals.
Midas Capital is currently investigating the suspicious transaction, and has stated that their confidence of their oracle emanated from the ERC20 wrapping of the token. They are continuing to work on ensuring the safety and security of their users and their investments, and will be updating users on the progress of the investigation.