Ionic Money Fake LBTC Collateral Social Engineering: Difference between revisions

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
(Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/ionicmoneyfakelbtccollateralsocialengineering.php}} {{Unattributed Sources}} thumb|Ionic Money Logo/HomepageIonic Money is an advanced platform facilitating efficient lending and borrowing of assets across the Optimism Superchain (OP Superchain). The platform supports an extensive range of assets and features. Ionic fell victim to a sophisticated social engineeri...")
 
No edit summary
 
Line 2: Line 2:
{{Unattributed Sources}}
{{Unattributed Sources}}


[[File:Ionicmoney.jpg|thumb|Ionic Money Logo/Homepage]]Ionic Money is an advanced platform facilitating efficient lending and borrowing of assets across the Optimism Superchain (OP Superchain). The platform supports an extensive range of assets and features. Ionic fell victim to a sophisticated social engineering attack in which attackers minted fake LBTC tokens, using them to borrow multiple assets, resulting in a loss estimated at $8.6 to $8.8 million. The funds were then bridged to Ethereum and laundered through Tornado Cash. Ionic clarified that this exploit was not related to a code breach, and the platform’s core security remains intact. The team is working with law enforcement and investigative partners to trace the perpetrators and recover the stolen funds, urging users to refrain from interacting with the application until the issue is fully resolved.<ref name="rektnews-17900" /><ref name="ionicmoneytwitter-17901" /><ref name="ionicmoney-17902" /><ref name="quillauditsaitwitter-17903" /><ref name="quillauditsaitwitter-17904" /><ref name="initialminting-17905" /><ref name="providecollateral-17906" /><ref name="borrowtothemaximum-17907" /><ref name="certikalerttwitter-17908" /><ref name="spreekawaytwitter-17909" />
[[File:Ionicmoney.jpg|thumb|Ionic Money Logo/Homepage]]Ionic Money is an advanced platform facilitating efficient lending and borrowing of assets across the Optimism Superchain (OP Superchain). The platform supports an extensive range of assets and features. Ionic fell victim to a sophisticated social engineering attack in which attackers minted fake LBTC tokens, using them to borrow multiple assets, resulting in a loss estimated at $8.6 to $8.8 million. The funds were then bridged to Ethereum and laundered through Tornado Cash. Ionic clarified that this exploit was not related to a code breach, and the platform’s core security remains intact. The team is working with law enforcement and investigative partners to trace the perpetrators and recover the stolen funds, urging users to refrain from interacting with the application until the issue is fully resolved.<ref name="rektnews-17900" /><ref name="ionicmoneytwitter-17901" /><ref name="ionicmoney-17902" /><ref name="quillauditsaitwitter-17903" /><ref name="quillauditsaitwitter-17904" /><ref name="initialminting-17905" /><ref name="providecollateral-17906" /><ref name="borrowtothemaximum-17907" /><ref name="certikalerttwitter-17908" /><ref name="spreekawaytwitter-17909" /><ref name="unnamed-17938" />


== About Ionic Money ==
== About Ionic Money ==
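Review bot: the new <ref name="unnamed-17938" /> in the lead paragraph is appended to the end of a stack of ten existing citations on the final sentence, so it is still not attached to any specific claim and {{Unattributed Sources}} has to stay. Place it directly after the sentence it supports, and give it a source-based name in the pattern of the other refs (for example ionicmoneytwitter-17938) so it can be told apart from ionicmoneytwitter-17901.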
Line 150: Line 150:
<ref name="certikalerttwitter-17908">[https://twitter.com/CertiKAlert/status/1886955515990979040 @CertiKAlert Twitter] (Accessed Feb 7, 2025)</ref>
<ref name="certikalerttwitter-17908">[https://twitter.com/CertiKAlert/status/1886955515990979040 @CertiKAlert Twitter] (Accessed Feb 7, 2025)</ref>


<ref name="spreekawaytwitter-17909">[https://twitter.com/spreekaway/status/1886790775943442433 @spreekaway Twitter] (Accessed Feb 7, 2025)</ref></references>
<ref name="spreekawaytwitter-17909">[https://twitter.com/spreekaway/status/1886790775943442433 @spreekaway Twitter] (Accessed Feb 7, 2025)</ref>
 
<ref name="unnamed-17938">[https://twitter.com/ionicmoney/status/1887141460992213411 @ionicmoney Twitter] (Accessed Feb 6, 2025)</ref></references>
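Review bot: the added reference carries "Accessed Feb 6, 2025" while the neighbouring entries say Feb 7, 2025, and its name "unnamed-17938" does not identify the source the way certikalerttwitter-17908 and spreekawaytwitter-17909 do. Confirm the access date and give the ref a source-based name. The revision was also saved with no edit summary; one that states which claim the new source supports would help later reviewers.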

Latest revision as of 13:28, 10 February 2025



Ionic Money is an advanced platform facilitating efficient lending and borrowing of assets across the Optimism Superchain (OP Superchain). The platform supports an extensive range of assets and features. Ionic fell victim to a sophisticated social engineering attack in which attackers minted fake LBTC tokens, using them to borrow multiple assets, resulting in a loss estimated at $8.6 to $8.8 million. The funds were then bridged to Ethereum and laundered through Tornado Cash. Ionic clarified that this exploit was not related to a code breach, and the platform’s core security remains intact. The team is working with law enforcement and investigative partners to trace the perpetrators and recover the stolen funds, urging users to refrain from interacting with the application until the issue is fully resolved.[1][2][3][4][5][6][7][8][9][10][11]

About Ionic Money

Ionic Money is an advanced infrastructure solution aimed at providing efficient access to lending and borrowing for assets across the Optimism Superchain (OP Superchain). The platform combines powerful features that allow users to interact with a wide variety of assets through a single, intuitive interface. By leveraging the OP Superchain’s capabilities, Ionic brings together liquidity, lending, and yield strategies, simplifying access to decentralized finance (DeFi) opportunities. With a focus on capital efficiency, Ionic enables users to maximize returns while minimizing borrowing costs in an over-collateralized environment.

The platform's use cases are designed to extend the capabilities of the OP Superchain ecosystem. One key feature is the Superchain Aggregator, which optimizes lending and borrowing interactions across the ecosystem, ensuring access to the best liquidity and yield strategies. Another notable use case is the veION system, where users can lock $ION tokens to mint veION, influencing emissions and boosting their Ionic Score. This governance and incentive layer promotes long-term sustainability and rewards users for their participation. Additionally, Agentic AI uses artificial intelligence to enhance strategies by automating tasks such as risk assessment and yield optimization, providing users with advanced insights to enhance their DeFi strategies.

Ionic also boasts several important features aimed at setting new standards within the DeFi space. The platform supports an unrivaled range of assets, including future yield-bearing assets, enabling access to both DeFi and traditional finance strategies. With a strong focus on security, Ionic employs advanced features to ensure the safety of all assets, pools, and transactions. The platform also introduces capital efficiency by optimizing the use of liquidity, ensuring that funds are utilized effectively. Yield compounding is another key feature, allowing users to optimize returns by compounding yields across a variety of assets.

At the core of Ionic’s ecosystem is the $ION token. This token exists in various forms, including the base $ION (ERC20), the governance-oriented veION (ERC721), and the cross-chain xION (xERC20). Users yield $ION by providing liquidity and borrowing assets from Ionic’s markets. By staking their $ION tokens in incentivized pools, users can earn rewards in $ION, $VELO, and $AERO. Additionally, veION tokens allow liquidity providers to influence emissions, boosting rewards or reducing interest rates in the pools they support. This creates a dynamic environment where new strategies, such as Lending Wars, can emerge as different protocols and users compete for optimal yields.

Ionic's success is bolstered by its partnerships with key players in the digital finance and fintech sectors. These partnerships ensure the platform is backed by robust security features and aligned with industry leaders. By focusing on capital efficiency, yield optimization, and seamless access to liquidity, Ionic aims to revolutionize the way assets are managed across the OP Superchain and beyond, offering users a cutting-edge platform for decentralized finance.

The Reality

The LBTC smart contract, which the Ionic Money team believed was backed by actual bitcoin, had no such backing and could be freely minted. The team behind this smart contract had tricked them into believing that it was the real LBTC smart contract.

What Happened

On February 4th, 2024, the fake LBTC smart contract was used to mint 250 LBTC, which were then supplied as collateral to take out a loan consisting of as many protocol assets as possible.

Key Event Timeline - Ionic Money Fake LBTC Collateral Social Engineering
| Date | Event | Description |
|---|---|---|
| March 25th, 2024 | ZachXBT And Ionic Discussion | "gm Zach. hope you're well. thanks for the questions. some of the leadership of midas rolled over to ionic after sunsetting midas. the code base is a compound fork and so the audit remains valid. the midas exploits were due to the well known vulnerabilities of the compound code, which we fixed with whitelisting on new pools and reentrancy circuit breakers (now well known fixes). The pools on midas were isolated and the ones that were hacked were compromised due to an exploit on the oracle which was not related to the audit. The team and code is now well battle tested and ionic is more secure than anything built previously, and we will keep it that way moving forward. We are also working with Anthias Labs for full risk management and optimization. After raising initial funding a new audit is planned as we move towards a more ambitious V2." |
| February 4th, 2025 6:54:25 AM MST | Minting Fake LBTC Tokens | The attacker mints fake LBTC tokens, which are not actually backed by any bitcoin. |
| February 4th, 2025 6:57:31 AM MST | LBTC Supplied To Ionic Money | The fake LBTC is supplied to the Ionic Money smart contract. |
| February 4th, 2025 6:59:09 AM MST | Borrow All Available Assets | All available assets in the smart contract are borrowed, with the LBTC as collateral. |
| February 4th, 2025 7:55:00 AM MST | spreekaway Exploit Tweet | User spreekaway posts about the exploit, claiming losses at $8.6m USD. |
| February 4th, 2025 8:02:00 AM MST | ZachXBT Midas Bombshell | ZachXBT shares his initial discussion, pointing out that the project, Ionic Money, is derived from Midas, which is new information to a lot of investors. |
| February 4th, 2025 8:10:00 AM MST | Initial Protocol Update | Ionic Money reports that there is an ongoing exploit on its platform, specifically related to @modenetwork. Due to this, they have advised users to refrain from interacting with the application while the team investigates the root cause of the exploit. This is to ensure the security of users' funds and to allow the team to address the issue effectively. |
| February 4th, 2025 12:15:00 PM MST | | |
| February 4th, 2025 6:50:00 PM MST | CertiK Publishes Insight | CertiK reported that Ionic Money on Mode Network was exploited, where an attacker minted 250 LBTC tokens and used them to borrow multiple tokens. The stolen funds, totaling approximately $8.6 million, were bridged to Ethereum and laundered through Tornado Cash. CertiK highlighted that the LBTC contract listed by Ionic was unofficial and not supported by Lombard’s security infrastructure. They also pointed out that the Bascule, a critical off-chain system monitoring user deposits, was missing, allowing the attacker to bypass checks and mint tokens with fabricated inputs. The incident occurred on February 4, 2025, and users are urged to stay vigilant. |
| February 5th, 2025 7:09:00 AM MST | Next Day Protocol Follow Up | Ionic Money publishes an update the following day. It has been confirmed that Ionic fell victim to a sophisticated social engineering scam which allowed hackers to borrow funds that were supplied as liquidity on their Mode deployment. The team clarified that this was not a code-based breach, meaning that the core protocol and its functionality remain secure. All deployments across the chain are safe, and there was no vulnerability in the code itself. Ionic is currently collaborating with investigative partners, law enforcement, and all affected parties to track down the perpetrators and ensure the return of the borrowed funds. Additionally, the team has sent a message to the perpetrators, inviting them to contact Ionic proactively via Telegram or email in order to negotiate the retrieval of the borrowed funds in a more favorable manner. |

Technical Details

"The attacker (0x9E34d89C013Da3BF65fc02b59B6F27D710850430) initially had 0.01 ETH.

They deployed a fake token contract LBTC (0x964dd444e3192f636322229080a576077b06fba3).

These fake LBTC tokens were used to borrow multiple assets - MBTC, uniBTC, wrsETH, WETH, STONE, etc."
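The mint, supply and borrow steps above happened within five minutes of each other, which makes the sequence detectable by a monitoring rule. The following is an added example, not code from Ionic Money or any cited source: a heuristic that flags an account supplying collateral it minted moments earlier and then borrowing from several markets. The event tuple layout, account labels, borrow amounts and thresholds are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)  # assumed tuning value
MIN_MARKETS = 3                 # assumed tuning value

# Constructed events: (time, kind, account, token, amount). acct_A follows the
# mint/supply/borrow timestamps in the timeline above; the borrow amounts and
# everything about acct_B are made up for illustration.
EVENTS = [
    ("2025-02-04 06:30:00", "supply", "acct_B", "WETH", 5),
    ("2025-02-04 06:41:00", "borrow", "acct_B", "STONE", 1),
    ("2025-02-04 06:54:25", "mint", "acct_A", "LBTC", 250),
    ("2025-02-04 06:57:31", "supply", "acct_A", "LBTC", 250),
    ("2025-02-04 06:59:09", "borrow", "acct_A", "MBTC", 1),
    ("2025-02-04 06:59:09", "borrow", "acct_A", "uniBTC", 1),
    ("2025-02-04 06:59:09", "borrow", "acct_A", "wrsETH", 1),
    ("2025-02-04 06:59:09", "borrow", "acct_A", "WETH", 1),
    ("2025-02-04 06:59:09", "borrow", "acct_A", "STONE", 1),
]

def detect(events, window=WINDOW, min_markets=MIN_MARKETS):
    """Flag accounts that supply freshly minted collateral, then borrow widely."""
    by_account = defaultdict(list)
    for ts, kind, account, token, amount in sorted(events):
        when = datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")
        by_account[account].append((when, kind, token, amount))
    alerts = []
    for account, rows in by_account.items():
        for when, kind, token, amount in rows:
            if kind != "supply":
                continue
            # How much of this token was minted to the supplier just beforehand?
            fresh = sum(a for t, k, tok, a in rows
                        if k == "mint" and tok == token and when - window <= t <= when)
            if fresh < amount:
                continue  # collateral was not minted right before being supplied
            # Distinct markets borrowed from shortly after the supply.
            markets = {tok for t, k, tok, _ in rows
                       if k == "borrow" and when <= t <= when + window}
            if len(markets) >= min_markets:
                alerts.append({"account": account, "collateral": token,
                               "fresh_minted": fresh, "markets": sorted(markets)})
    return alerts

if __name__ == "__main__":
    for alert in detect(EVENTS):
        print(alert)
```

A rule like this is a compensating control only; it does not replace verifying that a listed collateral contract is the issuer's official deployment.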

Total Amount Lost

Losses have been estimated in the range between $8.6m and $8.8m.

The total amount lost has been estimated at $8,807,000 USD.

Immediate Reactions

Initial update from Ionic Money.

"There is an ongoing exploit on the ionic platform on @modenetwork.

Users should not interact with the application while the team investigates the root cause."

Investigation from CertiK:

"We have seen an exploit of @ionicmoney on Mode Network. The attacker minted 250 LBTC tokens and used them to borrow multiple tokens.

The stolen funds, totaling ~$8.6M, were bridged to Ethereum and laundered through Tornado Cash."

The following day, Ionic Money published an update.

"Yesterday, Ionic has become victim of a sophisticated social engineering scam enabling hackers to borrow funds supplied as supply liquidity on our Mode deployment.

We do want to reiterate that this was not a code-based breach and our protocol functions as intended on all deployments. The core code is safe. All chain deployments are safe.

We are currently working with investigative partners, law enforcement and all affected parties to trace and hold the perpetrators accountable to ensure the return of the full amount of funds borrowed.

We ask all our users to remain patient at this time while our team works with utmost professionalism on retrieving the funds and resolve the issue completely.

Please join our discord for more information and latest updates regarding the situation.

Note to the Perpetrators: please contact us proactively via TG or email for a more favorable negotiation regarding retrieval of the borrowed funds."

Ultimate Outcome

What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?

Total Amount Recovered

There do not appear to have been any funds recovered in this case.


Ongoing Developments

The Ionic Money team continues to hope that the funds are returned, to investigate the theft, and to post updates to its community.

Individual Prevention Policies

No specific policies for individual prevention have yet been identified in this case.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Policies for platforms to take to prevent this situation have not yet been selected in this case.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

No specific regulatory policies have yet been identified in this case.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. Rekt - Ionic Money - Rekt (Accessed Feb 7, 2025)
  2. @ionicmoney Twitter (Accessed Feb 7, 2025)
  3. Ionic Multichain Money Market (Accessed Feb 7, 2025)
  4. @quillaudits_ai Twitter (Accessed Feb 7, 2025)
  5. @quillaudits_ai Twitter (Accessed Feb 7, 2025)
  6. Initial Minting Of 250 "LBTC" - Mode Explorer (Accessed Feb 7, 2025)
  7. 250 "LBTC" Provided as Collateral - Mode Explorer (Accessed Feb 7, 2025)
  8. Borrow Everything With The "LBTC" - Mode Explorer (Accessed Feb 7, 2025)
  9. @CertiKAlert Twitter (Accessed Feb 7, 2025)
  10. @spreekaway Twitter (Accessed Feb 7, 2025)
  11. @ionicmoney Twitter (Accessed Feb 6, 2025)