Deus Finance protocol lost $13,4 million in re-hacking

An attacker used the same method of attacking the project as during the first hack in March, according to PeckShield

28.04.2022 - 14:00

205

2 min

What’s new? On April 28, Deus Finance, a DeFi protocol, was hacked again. The hacker managed to withdraw $13,4 million, but the project “loss may be larger,” the analysts at PeckShield reported on Twitter. The exploit occurred on the Fantom network. According to the experts, this was made possible by manipulating the price oracle, which reads data from the USDC/DEI pair, with an instant loan. The manipulated price of the DEI collateral was used to borrow and deplete the pool. PeckShield analysts compared the April 28 hacking scheme to the attack the protocol suffered in March.

Source: Twitter.com

Details of the hack. The attacker needed 800 ETH ($2,34 million) to initiate the attack. He deposited the assets through the Tornado Cash transaction mixer and sent them to the Fantom network using the Multichain cross-chain protocol. The hacker converted the stolen funds back into Ethereum. As a result of the hack, the price of algorithmic stablecoin DEI fell to $0,95 (according to Binance) and lost its peg to the US dollar.

Statement of the project’s representatives. The Deus Finance team has confirmed the information about the hack on Twitter. Representatives reported that users’ funds are safe and their positions have not been liquidated. The developers have notified that DEI lending has been temporarily suspended and that the peg of stablecoin to the dollar has been restored.

Source: Twitter.com

What preceded it? On March 15, Deus Finance was attacked by an unknown hacker. Using the vulnerability discovered, the attacker withdrew about $3 million from the protocol. The platform’s instant loan service was used during the attack. The hacker managed to manipulate an oracle that determines the price in the USDC/DEI stablecoin pair.

Author: