Decentralized finance (DeFi) protocols Exactly and Harbor have been exploited on Aug. 18 in two separate — and apparently unrelated — attacks, in line with blockchain safety companies DeDotFi and PeckShield.
On-chain knowledge reveals 4,323.6 Ether (ETH), price almost $7.3 million on the time of writing, had been stolen from Exactly Protocol. The hackers then bridged 1,490 ETH utilizing the Across Protocol and a couple of,832.92 ETH to the Ethereum community through Optimism Bridge.
Update: After a radical evaluation of the Exactly Protocol Hack, we’ve got concluded that the full of stolen quantity updated is ~$7.2M (4323.6 $ETH)
Eventually, they bridged ~1490 $ETH, utilizing Across Protocol, and a couple of,832.92 $ETH to Ethereum through Optimism Bridge:… https://t.co/s61ai1OEMd
— De.Fi ️ Web3 Antivirus (@DeDotFiSafety) August 18, 2023
Exactly is without doubt one of the crypto lenders on the Optimism community. Initial experiences talked about over 7,160 ETH stolen, price almost $12 million, however have been later revised to a smaller quantity. The attacker focused the DebtManager periphery contract, in line with Exactly:
“The attacker handed in a malicious market contract tackle, bypassing the allow examine, and executed a malicious deposit operate to steal belongings deposited by customers. Approximately $7.3M have been stolen.“
The protocol filed a police report and is attempting to speak with the attackers to return the stolen belongings, its group famous on X (previously Twitter).
In one other safety incident, the interchain stablecoin protocol Harbor disclosed being the sufferer of an assault that led to the lack of funds sitting on its stable-mint, in addition to stOSMO, LUNA and WMATIC vaults. At the time of writing, the quantity of crypto belongings stolen stays unclear. Harbor is alleged to be engaged on tracing funds and estimating the full losses.
The attacks observe quite a few safety incidents throughout the DeFi ecosystem over the previous few weeks. On July 30, a vulnerability in three variations of the Vyper programming language resulted in over $61 million being stolen from stablecoin swimming pools on Curve Finance. Other protocols compromised in the previous days embrace Earn.Finance, with at least $287,000 price of ETH stolen, in addition to $2.1 million in losses incurred by Zunami Protocol in one other exploit.
Magazine: DeFi Dad, Hall of Flame: Ethereum is ‘woefully undervalued’ but growing more powerful