Stader released a report on the smart contract attack on NearX, its liquidity staking protocol deployed on NEAR. The team managed to fix the problem and protect most of the users' funds after discovering the issue, and about 2.5 million $NEAR staked on the Stader DApp is currently safe. It is reported that the losses pertain largely to the $NEAR liquidity in the LPs. The attackers exploited the NearX vulnerability to mint 20 million $NEARX without staking any $NEAR, with an estimated loss of 165,000 $NEAR.
In addition, the team has paused any operations on the NearX contracts, is working closely with the security experts at Halborn and BlockSec to further investigate the issue and stress test the contracts, and is accelerating the launch of a bug bounty program, in association with Immunefi, on NearX contracts for Whitehat professionals.
