DeFi Protocol Inverse Finance Loses $15.6 Million to Hack
Updated · Apr 04, 2022
The protocol was the victim of an attack leading to the loss of over $15 million in cryptocurrency assets.
Inverse Finance, decentralized finance (DeFi) protocol, was the victim of an exploit. In a post made on its official Twitter account, the company revealed that the hack affected Anchor, its lending platform.
This morning Inverse Finance's money market, Anchor, was subject to a capital-intensive manipulation of the INV/ETH price oracle on Sushiswap, resulting in a sharp rise in the price of INV which subsequently enabled the attacker to borrow $15.6 million in DOLA, ETH, WBTC, & YFI— Inverse+ (@InverseFinance) April 2, 2022
According to its tweets, the cyber attacker manipulated its INV/ETH prices to borrow millions of dollars in different tokens.
The startup went on to add that the exploit did not impact its front-end code or smart contract.
Inverse Finance is an Ethereum stablecoin protocol for lending and borrowing cryptocurrency assets.
The exploit on its platform was first discovered by Peckshield, a top blockchain security and data analytics company. The firm alerted Inverse Finance to the hack only minutes after it occurred.
Peckshield explained that the hacker took advantage of a loophole in the oracle that Inverse Finance tracks token prices with. Armed with 901 ETH, the hacker manipulated the price of INV on DeFi exchange SushiSwap. With this resulting in the skyrocketing of INV’s price, the hacker took loans amounting to millions of dollars in YFI, DOLA, ETH, and WBTC.
This is the latest in a series of cyberattacks on DeFi platforms. Only days ago, Ronin Network, the bridge for the P2E game Axie Infinity, suffered a $625 million exploit. It is one of the largest blockchain security breaches ever.
The protocol reacted by immediately pausing borrows on the Anchor platform. It revealed a series of subsequent actions, which include repaying 100% of the exploited funds to affected wallets.
Inverse Finance did not disclose how it will do this. However, it made it clear that additional INV will not be minted for the repayment.
The company urged the hacker to reach out to discuss a ransom payment for the exploited digital tokens.
Daniel is an Economics grad who fell in love with tech. His love for books and reading pushed him into picking up the pen - and keyboard. Also a data analyst, he's taking that leap into data science and machine learning. When not writing or studying, chances are that you'll catch him watching football or face-deep in an epic fantasy novel.
Latest from Author
Your email address will not be published.