Hacker withdrew more than $15 million from the Inverse Finance protocol
The attack used price oracle manipulation on the SushiSwap platform
04.04.2022 - 07:35
566
2 min
0
What’s new? Inverse Finance, a lending protocol, was attacked by an attacker. The hacker managed to withdraw over $15 million from the platform by manipulating the price oracle of the INV/ETH pair on the SushiSwap exchange. The Inverse Finance team has promised to compensate the affected users.
What is known about the attack? Exploiting a vulnerability in a Keep3r price oracle led to a spike in the price of the INV token, allowing the hacker to borrow $15,6 million in ETH, YFI, DOLA, and WBTC tokens. The artificial overpricing allowed INV to be pledged as collateral for a large loan.
The attacker needed 901 ETH ($3,15 million at the exchange rate on April 4) to carry out the attack. Tornado Cash, a transaction mixing service, was used to enter these funds and withdraw the stolen tokens.
Inverse Finance is a decentralized platform founded in 2020. The project enables DeFi tools such as profitable farming and obtaining loans.
What had happened before? On March 29, the Ronin Network sidechain used by the Axie Infinity game was attacked. Using an exploit, the criminal withdrew more than $625 million in cryptocurrency (173 600 ETH and 25,5 million USDC).
Useful material?
Market
Due to supply shortages, the asset’s pre-market exchange rate was climbing above $1000
Dec 16, 2024
Incidents
Reports about the hacking of the exchange with calls to withdraw assets began to spread on December 13
Dec 13, 2024
Crypto regulations
Stablecoins from issuer Circle will not be affected by the changes
Dec 12, 2024
Crypto regulations
The platform will launch after meeting the preconditions of the local exchange authority
Dec 9, 2024
Market
The $1,1 billion figure was reached after the bitcoin correction
Dec 6, 2024
Crypto regulations
By early January, all open positions and loans of local users will be closed and repaid automatically
Dec 5, 2024