$371K in USDC stolen in an Avalanche flash loan exploit

coinjournalPubblicato 2022-09-08Pubblicato ultima volta 2022-09-08

Introduzione

Avalanche-based lending protocol Nereus Finance was hacked and $371K in USD Coin (USDC) was stolen.

Avalanche-based lending protocol Nereus Finance was hacked and $371K in USD Coin (USDC) was stolen. The hacker deployed a custom smart contract taking advantage of a $51 million flash loan from Aave.
CertiK, a blockchain cybersecurity firm, was among the first to detect the hack on September 6. CertiK at the time said that the exploit impacted liquidity pools relating to decentralized exchange Trader Joe and automated market maker Curve Finance on Nereus
But Curve Finance responded on September 7 arguing that maybe CertiK was referring to ‘assets impacted’ rather than protocols impacted since only Nereus Finance and its assets seemed affected by the exploit.
Post-mortem of the exploit
On September 7, Nereus Finance released a comprehensive post-mortem of the exploit saying that the hacker was able to deploy a custom smart contract targeting a $51 million flash loan from Aave to manipulate the price of AVAX/USDC Trader Joe LP pool for a single block.
Consequently, the hacker was able to mint 998,000 NXUSD, Nereus’ native token, using collateral worth $508,000. The hacker then swapped the minted NXUSD into different assets through several liquidity pools and managed to walk away with a net profit of $371,406 after the flash loan was returned.
While the hacker made a profit, the exploit created $508,000 worth of NXUSD ‘bad debt.’
Nereus was however quick to arrest the situation by developing a mitigation plan, notifying law enforcement, and then liquidating and pausing the exploited JLP pool. The NXUSD bad debt was paid off using the protocol’s treasury.
Nereus also noted that a similar exploit will not be possible in future since the protocol will amend its audit and security practices. Nereus noted:
“While this exploit is a bad incident — it’s not uncommon for protocols to face these types of battle tests.”
As of the time of writing, the Nereus team was still trying to identify the hacker by tracking the funds. It has offered a 20% White Hat reward for the return of the funds with no questions asked.

Crypto di tendenza

CitreaCTR

wrapped stUSDTWSTUSDT

Velodrome FinanceVELODROME

BrevisBREV

ZRX（0X）ZRX

PancakeSwapCAKE

Letture associate

Hyperliquid ETF Claim Draws Attention As HYPE Narrative Builds On X

A social media claim has brought attention to Hyperliquid (HYPE) and the growth of its related ETF products. According to a June 20 post on X by AlphaOnChain, three Hyperliquid ETFs launched in May 2026 have collectively amassed $158 million in assets under management, led by a Bitwise fund with $88 million and a 21Shares fund with $66 million. The article notes this claim is from social media and not verified by official issuer data, advising caution. Nonetheless, the report highlights that HYPE is gaining traction as a notable altcoin narrative. Its focus on on-chain perpetual trading and exchange infrastructure places it at the intersection of DeFi and derivatives, attracting traders looking for high-conviction plays beyond Bitcoin and Ethereum. The key takeaway is that while social momentum can influence short-term markets, sustainable growth for HYPE would require confirmed demand, liquidity, and continued ecosystem development.

bitcoinist1 h fa

Hyperliquid ETF Claim Draws Attention As HYPE Narrative Builds On X

bitcoinist1 h fa

How Does Codex Use a Computer? Three Entry Points and Permission Boundaries

This article explains the three primary methods for Codex to interact with a computer, each with distinct use cases, permission boundaries, and trust levels. **1. Computer Use:** This offers the broadest access, allowing Codex to visually control and interact with the graphical user interface of authorized macOS/Windows apps, system settings, and even iOS simulators. It's ideal for tasks lacking APIs or structured tools, such as operating legacy software or multi-app workflows. However, it's the slowest method and has the widest permission scope, requiring careful supervision for sensitive actions. **2. Chrome Extension:** This grants Codex access to the user's logged-in Chrome browser state, including cookies, profiles, and open tabs. It's best for tasks requiring user identity across websites like Gmail, LinkedIn, Salesforce, or internal dashboards. Its key advantage is multi-tab control for complex workflows. While more powerful for browser-based tasks than Computer Use, it carries higher sensitivity as actions are performed under the user's identity. **3. In-App Browser:** This is a browser isolated within the Codex thread, separate from the user's personal browsing data. It excels in web development and debugging scenarios—previewing local servers, testing responsive layouts, or annotating designs directly on the page. Its isolation is a strength for development but a limitation for tasks requiring login sessions. The core principle is to choose the narrowest, safest, and most structured interface for the task. Use plugins or MCPs first, resort to visual control (Computer Use) only for GUI-dependent tasks, employ the Chrome extension for identity-reliant browser work, and prefer the In-App Browser for isolated development. **Appshots** are clarified as a fourth, complementary tool for *inputting* context—capturing a screenshot of a window to point Codex to something—rather than a method for Codex to *act*. Together, this layered approach highlights a key to AI agent productization: not granting unlimited permissions, but constraining them within clear boundaries for specific tasks while preserving user oversight.

marsbit1 h fa

How Does Codex Use a Computer? Three Entry Points and Permission Boundaries

marsbit1 h fa

The "Iron Rule" of Chip Equipment Is Being Broken

For years, the semiconductor equipment industry followed an unwritten "iron rule": suppliers offered steep discounts for new tool introductions (Design-in) and faced consistent price pressure during repeat orders, especially during market downturns. This long-standing buyer's market dynamic is now being upended. Recently, SK Hynix's primary equipment suppliers have reportedly requested a 3-4% price *increase*, a nearly unprecedented move. This shift is driven by a severe supply-demand imbalance fueled by the AI compute boom. Securing equipment has become an urgent arms race as chipmakers' expansion speed dictates their ability to fulfill massive AI chip orders. Key areas feeling the strain include: **TCB (Thermal Compression Bonding) Equipment:** Demand is exploding, driven by the simultaneous needs of HBM4 memory stacking, AI chip Chip-on-Substrate (C2S), and logic Chiplet Chip-on-Wafer (C2W) packaging. Players like Hanmi Semiconductor, Hanwha Semitech, and ASMPT are receiving major orders. While hybrid bonding is seen as the future, TCB remains the pragmatic choice for HBM4 mass production, with its lifecycle extended by relaxed specifications and ongoing technological upgrades. **Test Equipment Bottlenecks:** Ironically, AI-driven shortages are now crippling test equipment manufacturing. Critical components like FPGAs, Driver ICs, and CPUs face severe shortages and extended lead times (up to 52 weeks for FPGAs), as AI data center and server vendors prioritize supply. This creates a paradoxical cycle: AI chip shortages drive fab expansion, which requires more test equipment, whose production is delayed because its key parts are diverted to make AI chips. The industry is entering a broad, AI-powered upcycle. SEMI forecasts global semiconductor equipment sales to hit a record $156 billion by 2027, fueled by investment in advanced logic/foundry, HBM-driven DRAM, and advanced packaging (like CoWoS). Major players like TSMC, SK Hynix, and Micron are aggressively ramping capital expenditure. In conclusion, leading equipment vendors are no longer just selling tools; they are selling the critical capability to deliver AI-era capacity. Pricing power is shifting decisively to those with indispensable technology in key process nodes like advanced logic, HBM, and advanced packaging, rewriting the industry's traditional power structure.

marsbit1 h fa

The "Iron Rule" of Chip Equipment Is Being Broken

marsbit1 h fa

Weekly Token Unlock: XPL to Release Millions in Token Value

Weekly Token Unlocks: XPL and SoSoValue Tokens Worth Over $10 Million Set for Release This week sees significant token unlocks for two projects. SoSoValue, an AI-powered crypto investment research platform, will unlock 13.03 million tokens, valued at approximately $3.87 million. The project aims to merge CeFi efficiency with DeFi transparency. Separately, Plasma, a Layer 1 blockchain designed for global stablecoin payments, will unlock 110 million tokens worth about $10.42 million. The network focuses on high throughput, stablecoin-native features, and full EVM compatibility. Both projects have provided their detailed token release schedules.

marsbit2 h fa

Weekly Token Unlock: XPL to Release Millions in Token Value

marsbit2 h fa

Bitcoin Must Hold $60K Or Risk Major Breakdown, TradingView Analyst Warns

Bitcoin has reached a critical juncture around the $60,000 level, which analysts view as a major technical and psychological support zone. According to a TradingView analysis, a successful hold above this demand area could pave the way for a recovery toward $81,000. However, the warning is clear: a decisive and sustained break below $60,000 would invalidate the bullish outlook, likely triggering stop losses and a deeper market correction. The current setup is described as a binary test—maintaining support keeps the recovery narrative alive, while losing it would signal a shift toward a more significant downturn.

bitcoinist3 h fa

Trading

Spot

Futures

Articoli Popolari

Come comprare AVAX

Benvenuto in HTX.com! Abbiamo reso l'acquisto di Avalanche (AVAX) semplice e conveniente. Segui la nostra guida passo passo per intraprendere il tuo viaggio nel mondo delle criptovalute.Step 1: Crea il tuo Account HTXUsa la tua email o numero di telefono per registrarti il tuo account gratuito su HTX. Vivi un'esperienza facile e sblocca tutte le funzionalità,Crea il mio accountStep 2: Vai in Acquista crypto e seleziona il tuo metodo di pagamentoCarta di credito/debito: utilizza la tua Visa o Mastercard per acquistare immediatamente AvalancheAVAX.Bilancio: Usa i fondi dal bilancio del tuo account HTX per fare trading senza problemi.Terze parti: abbiamo aggiunto metodi di pagamento molto utilizzati come Google Pay e Apple Pay per maggiore comodità.P2P: Fai trading direttamente con altri utenti HTX.Over-the-Counter (OTC): Offriamo servizi su misura e tassi di cambio competitivi per i trader.Step 3: Conserva Avalanche (AVAX)Dopo aver acquistato Avalanche (AVAX), conserva nel tuo account HTX. In alternativa, puoi inviare tramite trasferimento blockchain o scambiare per altre criptovalute.Step 4: Scambia Avalanche (AVAX)Scambia facilmente Avalanche (AVAX) nel mercato spot di HTX. Accedi al tuo account, seleziona la tua coppia di trading, esegui le tue operazioni e monitora in tempo reale. Offriamo un'esperienza user-friendly sia per chi ha appena iniziato che per i trader più esperti.

595 Totale visualizzazioniPubblicato il 2024.12.12Aggiornato il 2026.06.02

Discussioni

Benvenuto nella Community HTX. Qui puoi rimanere informato sugli ultimi sviluppi della piattaforma e accedere ad approfondimenti esperti sul mercato. Le opinioni degli utenti sul prezzo di AVAX AVAX sono presentate come di seguito.