KEY POINTS

  • The incident was uncovered by DeFi analytics firm PeckShield
  • Malicious actors exploited and manipulated a price oracle for flash loans
  • Deus Finance DAO will refund users who incurred losses

Multi-token decentralized finance (DeFi) marketplace Deus Finance DAO on Tuesday became the latest victim of an exploit that resulted in a massive loss of around $3 million worth of DAI and ETH.

Deus Finance DAO lost 200,000 DAI and 1101.8 ETH tokens in a recent hack in which malicious actors used flash loans to manipulate a price oracle on the Fantom network. This resulted in users becoming insolvent.

The incident was uncovered by DeFi analytics firm PeckShield, which explained the cause and manner of the exploit. "The hack is made possible due to the flash loan-assisted manipulation of price oracle that reads the price from the pair of StableV1 AMM - USDC/DEI, so that even normal users, unfortunately, become insolvent!" the blockchain security firm tweeted Tuesday.

Flash loans are popular in the decentralized finance space. They allow users to borrow considerable amounts of cryptocurrency at a relatively low cost without the need to post any collateral. However, the loan must be paid back within the same transaction.
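The oracle weakness PeckShield describes can be shown with a small simulation, added here as an example that is not from the article, PeckShield or Deus Finance. It assumes a fee-less constant-product pool in place of the StableV1 curve, constructed reserves, and a hypothetical 2% deviation guard against a time-weighted average price, a common mitigation for spot-price oracles.

```python
# Added illustration. Reserves, the x*y=k curve and the 2% limit are assumptions.
from dataclasses import dataclass

@dataclass
class Pool:
    usdc: float
    dei: float

    def spot_price(self) -> float:
        """USDC per DEI from current reserves: what a spot-reading oracle returns."""
        return self.usdc / self.dei

    def swap(self, usdc_in: float = 0.0, dei_in: float = 0.0) -> None:
        """Fee-less constant-product swap; one side in, the other side out."""
        k = self.usdc * self.dei
        if usdc_in:
            self.usdc += usdc_in
            self.dei = k / self.usdc
        else:
            self.dei += dei_in
            self.usdc = k / self.dei

def twap(observations, now):
    """Time-weighted average of (timestamp, price) points; each price holds until the next."""
    ends = [t for t, _ in observations[1:]] + [now]
    weighted = sum(p * (end - t) for (t, p), end in zip(observations, ends))
    return weighted / (now - observations[0][0])

def guarded_price(spot, reference, max_deviation=0.02):
    """Return spot only if it is within max_deviation of the reference price."""
    if abs(spot - reference) / reference > max_deviation:
        raise ValueError(f"spot {spot:.4f} deviates from reference {reference:.4f}")
    return spot

def simulate():
    pool = Pool(usdc=1_000_000.0, dei=1_000_000.0)  # constructed reserves
    observations = [(0, pool.spot_price())]          # last recorded price, t=0
    # t=600: one transaction swaps in a large uncollateralized loan...
    pool.swap(usdc_in=4_000_000.0)
    dei_bought = 1_000_000.0 - pool.dei
    manipulated = pool.spot_price()                  # a spot oracle would report this
    reference = twap(observations, now=600)          # zero-duration spike has no weight
    try:
        guarded_price(manipulated, reference)
        rejected = False
    except ValueError:
        rejected = True
    pool.swap(dei_in=dei_bought)                     # ...and unwinds before it ends
    return manipulated, reference, rejected, pool.spot_price()

if __name__ == "__main__":
    print(simulate())
```

Because the loan is repaid inside the same transaction, the distorted price exists for zero elapsed time, so the time-weighted reference stays at the prior level and the guard rejects the spot reading.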

The blockchain security and data analytics firm also revealed that it had uncovered blockchain data showing that over $3 million worth of tokens were taken away from Deus Finance DAO. They were later exchanged for 200,000 DAI and 1,101.8 ETH using the decentralized exchange Multichain.

With the help of the crypto mixing tool Tornado, malicious actors then washed the exploited funds. This move hides the hackers' addresses and makes it extremely difficult for authorities to trace the stolen digital assets.

Deus Finance DAO downplayed the incident and claimed that tokens were unaffected by the exploit. Interestingly, it has paused the lending contract the hackers exploited and said it will comprehensively review the incident.

Moreover, the team assured users that it will refund those who incurred losses from the flash loan hack. Deus Finance DAO also claimed the recent exploit did not lead to "an ecosystem-wide exploit."

"We are aware of the recent exploit reports regarding the $DEI lending contract. [The] contract has been closed, both $DEUS & $DEI are unaffected. Devs are working on a summary of the events, all information will be communicated once we have assessed the full situation," Deus Finance DAO tweeted.