dYdX, a decentralized exchange, has revealed that it has identified the individual responsible for an attack that occurred on November 17, 2023, on its v3 platform, resulting in a $9 million loss to its insurance fund. In a detailed review of what was described as a "targeted attack" on the exchange, dYdX confirmed it is pursuing legal action against those involved. To preempt future coordinated attacks using similar tactics, dYdX has implemented improvements to its v3 trading platform, specifically enhancing position monitoring and alerts.
The exchange emphasized that its upgraded v4 chain is designed to address such risks effectively. It introduced a new functionality that automatically adjusts the initial margin ratio in response to abnormal price fluctuations. Upon analyzing the attack, dYdX noticed the assailants initiating multiple 5x leveraged long positions across more than 100 wallets using the YFI/USD trading pair. The attackers strategically purchased Yearn.finance tokens using various addresses, causing the token's price to surge by 215%. YFI serves as the native token of the Yearn.finance decentralized finance protocol.
The attackers were observed doubling their unrealized profits by acquiring additional YFI/USD positions, accumulating gains up to approximately $50 million. On November 17, dYdX promptly elevated the initial margin requirements and reduced base and incremental position sizes within the YFI/USD market to curtail the attackers' activities. The subsequent day witnessed a swift drop of nearly 30% in the price of YFI within an hour, which left the attacker unable to close the position. dYdX explained that when an attacker's holdings register negative figures, the losses are automatically covered by the insurance fund.
The platform disclosed that the attacker utilized the same strategy on SUSHI/USD a week before the YFI incident, accruing profits of approximately $5 million. However, this maneuver did not affect the v3 insurance fund since dYdX heightened the initial margin requirement to 100%, effectively thwarting the attackers from further profiting.
dYdX explicitly stated that the attacks had no impact on customer funds, and the attackers did not gain from manipulating the YFI market on their platform.
