Terra attacker exploits IBC hooks vulnerability to steal 3 million USD worth of ASTRO and USDC

Deep Tide TechFlow News, Terra blockchain network encountered a security vulnerability attack, resulting in approximately 3 million US dollars worth of tokens being stolen. The attacker exploited a known vulnerability related to the third-party module IBC hooks, which is used for cross-chain contract calls and token transfers. The affected assets include the $USDC stablecoin and Astroport token.

The Terra team has implemented emergency measures to prevent further losses and is coordinating with validators to apply emergency patches to fix the vulnerability.

Sommelier Finance co-founder Zaki Manian explained that this vulnerability was discovered several months ago and was fixed in April in the Cosmos ecosystem. However, Terra failed to include this patch in the June upgrade, leading to a re-exposure and attack. It is worth noting that Terra emerged from the Terra Classic network in 2022 after its algorithmic stablecoin UST lost its peg to the US dollar.