Saddle Finance Hacked For $11 Million USD Loss

Saddle Finance is no stranger to hacks. They’ve already been hit before, under somewhat suspicious circumstances. This time around, though, it looks like a plain old fatfinger by the developers. Saddle Finance was hacked today, 4/30/22, for the loss of 3,933 ETH, worth over $11 million.

The swap between sUSD and saddleUSD-V2 did not use the latest, correct, calculation library – instead using an older faulty version. This old calculation allowed the attacker to wind up an artificially large amount of saddleUSD-V2 by swapping back and forth, then used his Monopoly money to withdraw real assets from the protocol.

3/ The hack is made possible due to the wrong MetaSwapUtils lib is used for calculating the swap. The latest code is deployed in 0x824dcd7b044d60df2e89b1bb888e66d8bcf41491, but the old lib 0x88cc4aa0dd6cf126b00c012dda9f6f4fd9388b17 is used. Did that ring a bell? pic.twitter.com/LBmZjO2VfP
— PeckShield Inc. (@peckshield) April 30, 2022

And just like that, Saddle suffers another hit. Previously, they lost a paltry (in comparison) $275k USD. How many more hits can the protocol take and still keep going? Will the users keep coming back for more?

There is a bright side to the story, however. White hat hackers at a security firm were able to use this exploit to retrieve funds from another vulnerable pool that had not been exploited yet.

White hat hackers @BlockSecTeam were able to secure $3.8m. The team is in contact with them to return the funds
— Saddle (@saddlefinance) April 30, 2022

That’s a small silver lining for the victims of the Saddle Finance hack. Saddle has not issued any official statements or post mortems yet, as this situation is still developing.

This article may contain links to third-party websites or other content for information purposes. BowTiedIsland may receive a commission at no cost to you if you purchase a product after clicking one of these links. The Third-Party Sites are not under the control of BowTiedIsland, and BowTiedIsland is not responsible for the content of any Third-Party Site. All information contained herein is the opinion of the writer and does not constitute financial advice. We aim to act as a neutral third party and aid in your research and analysis.

The Jungle

Crypto, Investing, and E-Commerce with BowTied Bull

The future is internet based, therefore we have a triangle based approach with crypto, e-commerce business making and Investing in traditional assets

Learn More

The Culture War with BowTiedRanger

Whether you’re a political junkie or just interested in current events.

You’ve come to the right place for analysis of the most relevant current events and political issues.

Learn More

Fitness With BowTiedOx

BowTiedOx provides you a place to find all of his latest programs and guides.

Weekly newsletters that cover fitness, health, and mindset, all grounded in the fundamentals of physiology.

Learn More

Media Production with BowTied Turkey and BowTied Tamarin

Video is no longer optional.

Don’t get left behind.

Your brand deserves professional videos to engage your audience.

Learn More

Art & Graphic Design with BowTied Patriot

BowTied Patriot is a graphic artist who specializes in photography, mixed medium custom artwork, and NFT creation.

Join BowTiedPatriot as he dives into making Art in Web3.0 and The Metaverse.

Learn More

Cooking with BowTiedOctopod

Learn secrets from a fine dining chef for maximum flavor and time-saving efficiency

Newsletters on Ingredients, Techniques and Flavor hacks that will have you eating better. We will never eat bugs!

Learn More

Meme Warfare with DgenFren

Increase your online engagement, organically influence narratives, and build your online persona by using marketing that your target audience actually wants: memes.

Learn More