$25M taken in DeFi loan attack

DeFi loan attack

Uniswap & LendFMe targeted

Attacks this weekend [18/19.04.20] have seen hackers steal more than $25 million in cryptocurrency from Lendf.me and the Uniswap exchange. A full investigation is underway and reports have been plenty over the weekend. The two attacks are believed to be related, and most likely carried out by the same party.

The attack looks similar to the one in March 2020. On that occasion, hackers exploited legitimate features and program glitches in different Defi and DEX dapps to orchestrate a sophisticated attack.

The similarities between Uniswap and Lendf.me is that both platforms were utilizing very similar products to operate.

  • Lendf.me protocol — a decentralized finance (DeFi) protocol developed by the dForce Foundation to support lending operations on the Ethereum platform.
  • imBTC — a token running on Ethereum valued at a 1:1 rate with Bitcoin.
  • ERC-777 — one of the underlying technologies of the Ethereum blockchain meant to support smart contracts.

At the time of writing, Uniswap is believed to have lost somewhere between $300,000 and $1.1 million. While Lendf.me has reported a loss of more than $24.5 million.

The total value locked in the dForce ecosystem was down by 100% to $6 over the past 24 hours. A day ago, the total value locked in the system was $24.9 million. It still not clear whether any users were able to withdraw funds or if the attacker seized all $25 million.

DeFi loan attack

Both websites have been taken down to prevent further attacks. Tokenlon has also suspended its imBTC token and is blocking all new transactions. To prevent hackers from carrying out new attacks against other platforms.

Newsletter
Unsubscribe at any time. T&Cs and Privacy Policy

Share this post on social media

Share this Article

Related articles

Related articles

DeFi arrives on TRON & Waves [An Analysis]

TRON & Waves look to halt Ethereums DeFi dominance
DeFi