Hacker withdrew more than $15 million from the Inverse Finance protocol
The attack used price oracle manipulation on the SushiSwap platform
04.04.2022 - 07:35
468
2 min
0
What’s new? Inverse Finance, a lending protocol, was attacked by an attacker. The hacker managed to withdraw over $15 million from the platform by manipulating the price oracle of the INV/ETH pair on the SushiSwap exchange. The Inverse Finance team has promised to compensate the affected users.
What is known about the attack? Exploiting a vulnerability in a Keep3r price oracle led to a spike in the price of the INV token, allowing the hacker to borrow $15,6 million in ETH, YFI, DOLA, and WBTC tokens. The artificial overpricing allowed INV to be pledged as collateral for a large loan.
The attacker needed 901 ETH ($3,15 million at the exchange rate on April 4) to carry out the attack. Tornado Cash, a transaction mixing service, was used to enter these funds and withdraw the stolen tokens.
Inverse Finance is a decentralized platform founded in 2020. The project enables DeFi tools such as profitable farming and obtaining loans.
What had happened before? On March 29, the Ronin Network sidechain used by the Axie Infinity game was attacked. Using an exploit, the criminal withdrew more than $625 million in cryptocurrency (173 600 ETH and 25,5 million USDC).
Useful material?
Market
Tether Finance division will be responsible for the issuance and redemption of USDT stablecoins
Apr 18, 2024
Trends
The first project introduced on the platform will be BounceBit (BB)
Apr 18, 2024
Business
The rate exchange of the native ACH token reacted with a 10% increase
Apr 18, 2024
Market
Miners are hunting for the first block after halving as the value of the first satoshi could exceed $1 million
Apr 18, 2024
Market
The platform will be non-custodial and accessible to everyone
Apr 15, 2024
Market
China Asset Management, Harvest Global Investments, and Bosera Asset Management have received permits
Apr 15, 2024