DeFi

Scroll-based DeFi lending protocol halts operations following investigation into $7.5M hack – DL News

Published

on

  • The exploiter stole $7.5 million in Ether from the protocol.
  • Friday’s exploit depleted the protocol’s entire supply of USDT and USDC.
  • The team has suspended the protocol and is investigating.

Rho Markets, a $43 million DeFi protocol on the Scroll blockchain, was forced to suspend operations due to a security incident that drained millions from its coffers

An exploiter drained $7.5 million in Ether from DeFi yield and lending protocol onchain on Friday data watch.

“We have detected unusual activity on our platform and are currently investigating,” the team said. said on his X account.

Rho Markets dashboard shows that the hacker drained the protocol’s entire supply of USDT and USDC stablecoins.

The attacker executed the exploit by manipulating the protocol’s oracle — a feature that provides information to smart contracts from off-chain sources — to drain the stablecoin supply and withdraw more than double the deposited Ether collateral.

Data from Debank showed that the $7.5 million in Ether was still in the attacker’s wallet at the time of the report.

Rho Markets exploiter drained the protocol’s entire stablecoin supply.

Rho Markets did not immediately respond to a request for comment.

The Scroll team temporarily delayed finalizing its network following the exploit, but has since lifted the pause, Scroll principal researcher Toghrul Maharramov said. DL News.

Join the community to receive our latest stories and updates

But as a fork of legacy DeFi protocol Compound, the oracle attack likely targeted a rounding error vulnerability, a known weakness of other Compound forks.

Several attackers have targeted similar vulnerabilities in previous DeFi exploits, including Attacks on Hundred Finance and Raft Finance.

Security experts have advised DeFi developers to treat these vulnerabilities as non-trivial and pay attention to rounding error bugs.

Smart Contract Auditor Joe Dakwa said previously DL News that robust unit and fuzz testing should become standard practice to prevent future attacks.

Fuzz testing, or fuzzing, involves subjecting smart contracts to random data inputs to see if the code malfunctions.

Rho Markets is the third largest lending service on Scroll, according to data from DefiLlama.

This makes Rho Markets a popular destination for airdrop hunters looking to record activity on the Scroll blockchain.

In May, Scroll launched a dashboard allowing users to track their points earned in Sessions, the network’s loyalty campaign program.

The Sessions campaign is Scroll’s version of a points programwhich have become popular among DeFi projects as a temporary placeholder for airdrops.

Despite Widespread criticism of Scroll sessionsInvestors’ deposits in Scroll have jumped 650% since mid-May, when users were able to start tracking their points.

Osato Avan-Nomayo is our DeFi correspondent based in Nigeria. He covers DeFi and technology. To share tips or information on articles, please contact him at osato@dlnews.com.

Source

Leave a Reply

Your email address will not be published. Required fields are marked *

Información básica sobre protección de datos Ver más

  • Responsable: Miguel Mamador.
  • Finalidad:  Moderar los comentarios.
  • Legitimación:  Por consentimiento del interesado.
  • Destinatarios y encargados de tratamiento:  No se ceden o comunican datos a terceros para prestar este servicio. El Titular ha contratado los servicios de alojamiento web a Banahosting que actúa como encargado de tratamiento.
  • Derechos: Acceder, rectificar y suprimir los datos.
  • Información Adicional: Puede consultar la información detallada en la Política de Privacidad.

Trending

Exit mobile version