January 10, 2023
Security

Jaypeggers Exploit

On December 29, 2022, Jaypeggers, a tax-loss harvesting app for NFTs, suffered a reentrancy attack that resulted in the theft of 15.32 ETH, worth approximately $18,000. Hypernative was able to detect the attack and notify the Jaypeggers team in real-time, providing assistance in the investigation.

Meitar Yavneh

TL;DR

On December 29, 2022, Jaypeggers, a tax-loss harvesting app for NFTs, suffered a reentrancy attack that resulted in the theft of 15.32 ETH, worth approximately $18,000. The stolen funds were cashed out through Tornado Cash and Aztec. The Hypernative system was able to detect the attack and notify the Jaypeggers team in real-time, providing assistance in the investigation.

Tweet by @jaypeggerz - Dec 29, 2022
Tweet by @hypernativeLabs - Dec 29, 2022

Attack Analysis

Timeline of the Jaypeggers Exploit

First, the attacker’s address received anonymous funds through Tornado Cash, avoiding KYC’d funds sources. The Hypernative platform detected this transaction and alerted the address receiving funds from a mixer.

Next, the attacker prepared its tools for the attack and deployed its contract. The use of a contract enables the execution of more complex logic, such as multiple actions, through a single transaction, which is difficult to perform from an address that is not a contract (EOA).

About 3 minutes later, the attack was executed through the contract as follows:

  • The attacker began the attack transaction with a flash loan, borrowing 72.5 WETH.
  • The attacker then bought 13,584 JAY with 22 WETH.
  • The remaining borrowed WETH (50.5 WETH) was used to call the buyJay function , which, due to a lack of validation, allowed the attacker to insert their own malicious contract as if it were an ERC-721 token. The buyJay function then called the transferFrom function of the provided token, which was actually the attacker's malicious contract. This enabled the attacker to reenter the contract by calling the sell function of the JAY contract, allowing them to sell JAY tokens using a miscalculated price, and thus profit.
  • The attacker returned the flash loan and ended up with a profit of 15.32 WETH.

The stolen funds were cashed-out through Tornado Cash and Aztec. Hypernative detected the deployment of a malicious contract and the exploit in real-time. Our team immediately contacted the protocol and worked with them to help them prevent further loss.

The Hypernative Platform continuously monitors all blockchain activity, as well as other sources, providing operational and security monitoring capabilities to protocol teams, with out-of-the-box detections to proactively warn against hacks and exploits even before they are launched, allowing timely response and mitigation. The detected risks cover multiple aspects of protocol activities, including Governance, Financial, Security, Technical and other risks.

For more information about the Hypernative Platform, get in touch here.

Related resources

December 5, 2022
Security

Exploits, Hacks, and How Hypernative Detects Them

When talking about security exploits, this past year has been one of the toughest  web3 and crypto communities have ever known. Over $3B was stolen in 2022, with October responsible for $700M. Hypernative strives to create new ways to secure digital assets and web3.

May 17, 2024
Security

Anatomy of an Attack: Guide to Hack Detection and Prevention in Web3

An exploit is not a singular event, but rather a process that unfolds over time. Because of that, hacks can be detected in real-time and can be stopped.

September 3, 2024
Hypernative News

Hypernative Raises $16 Million Series A Round to Make Web3 Hacks a Thing of the Past

The funds from investors including Quantstamp, boldstart ventures, IBI Tech Fund, CMT Digital, Bloccelerate, and Borderless will be used to expand into new verticals and build a Web3 security network.

Hypernative can protect you from zero-day vulnerabilities, frontend hacks, state actor threats and much more.

Book a demo

Products

Hypernative PlatformHypernative OracleHypernative Screener

Solutions

ProtocolsChainsFunds & Treasury ManagersData Platforms

Resources

Why HypernativeBlog

Company

About UsCareers
© Hypernative 2024
Privacy Policy
Built by Otherlife