Site icon Krypto Extract

The latest exploit has resulted in a loss of $7M for the DeFi protocol Hundred Finance

According to the protocol, arrangements for a reimbursement have been discussed with the hacker.

On the Optimism layer-2 scaling network, the multi-chain lending protocol Hundred Finance experienced a security attack that led to the theft of assets valued at about $7 million.

On April 15, Hundred Finance announced that it had gotten in touch with the hacker for talks and that the exploit had been discovered. Additionally, the platform is collaborating with other security teams to find a solution, and it has invited anyone with information on the event to get in touch.

The Events?

Peckshield, a blockchain security company, said that the hacker used a donation of 200 WBTC to artificially increase the price of hWBTC in order to carry out the attack. This allowed them to use a little quantity of hWBTC to empty Hundred Finance’s lending pools.

According to a thorough investigation by another security company CertiK, the attacker increased the exchange rate between hTokens and ERC-20 tokens by making significant donations of WBTC to the hToken contract.

When the exchange rate changed, the exploiter opened a sizable borrow position that allowed them to withdraw more tokens than they had initially placed.

The protocol warned against making assumptions about how the exploit happened and stated that it is creating a post-mortem. The goal, according to the team, is to get in touch with the hacker and work out a return deal.

Is This The First Time?

It’s important to remember that Hundred Finance has already been hacked. The protocol was the victim of a reentrancy attack last year, and the exploiter made off with about $6.5 million worth of ETH.

The rising security concerns remain a critical concern despite the DeFi market’s rapid expansion. According to recent data from blockchain analytics firm Chainalysis, DeFi protocols were the most severely affected in 2022, accounting for an astounding 82% of all stolen cryptocurrency assets, or $3.1 billion in damages.

Exit mobile version