DeFi Platform Inverse Finance Hacked; Loses Over $1.2M

DeFi Platform Inverse Finance Hacked; Loses Over $1.2M
Table of Contents

Ethereum-based DeFi lending protocol, Inverse Finance, suffered a flash loan attack, where attackers stole $1.26 million in Tether (USDT) and Wrapped Bitcoin (WBTC). As per Peckshield, the hacker attacked the platform via a price oracle manipulation.

In a span of two months decentralized finance (DeFi) lending protocol Inverse Finance suffered two major attacks. In April, Inverse Finance was exploited of $15.6 million after an attacker targeted its Anchor money market. The cyber criminal artificially skewed token prices to borrow loans against extremely low collateral.

How Did The Hack Happen?

In yet another long list of DeFi exploits, Inverse Finance, that facilitates borrowing and lending of digital tokens, was hacked by manipulating the price of its LP tokens. Peckshield, a blockchain security company, said that a price oracle manipulation misuses the balances of assets in the pool to directly calculate the LP token price. It is greatly conducted by the flash loan to alter the reserves in the pool.

According to the official blog post, soon after the attack, Inverse Finance temporarily paused borrowing and also removed its DOLA stablecoin from the money market saying that it is investigating the incident. The company specified that no user funds were at risk. Meanwhile, the company later confirmed that only the attacker’s deposited collateral was affected in the incident.

As per PeckShield, the hacker in total gained 99,976 USDT and 53.2 WBTC from the attack. As soon as the hack was successful, the hackers laundered the cryptos via cryptocurrency mixer Tornado Cash, attempting to obfuscate the stolen digital assets. Peckshield also revealed that the attack was allegedly performed by a bot that front-runs the original hack.

The blockchain security company also revealed that the attack was started with an initial fund of 1 ETH which was withdrawn from Tornado Cash. Currently, 68 ETHs in illicit gains are resting in the hacker’s account. Soon after, another 1000 ETHs were deposited to Tornado Cash.

Why is DeFi Prone to Attacks?

DeFi Platform Inverse Finance Hacked; Loses Over $1.2M

The crypto market has long been subject to attacks, and the decentralized finance (DeFi) market has been especially vulnerable to them. One of the biggest DeFi attacks happened in August 2021, when $600 million worth of various cryptos were stolen across multiple networks including Ethereum, Polygon, and Binance Smart Chain.

In March 2022, Decentralized finance (DeFi) project, Fantasm Finance, was hacked resulting in a loss of nearly 1,007 ETH, estimated to be worth around $2.6 million at that time. According to a Chainalysis report,

“The attacks occur as DeFi is one of the most exciting areas of the wider cryptocurrency ecosystem, presenting huge opportunities to entrepreneurs and cryptocurrency users alike.”

RELATED POSTS

Follow us on Social Networks

Crypto Tutorials

Crypto Reviews

Ads