Deus Finance Loses Over $3 Million in a Hack
The hackers had reportedly manipulated prices, a common tactic among hackers attacking DeFi protocols. This flash loan exploit affected the USDC/DEI pair and once stolen, the hacker ran the funds through Tornado Cash, a coin mixing service, to hide their traces.
We are aware of the recent exploit reports regarding the $DEI lending contract.
Contract has been closed, both $DEUS & $DEI are unaffected. Devs are working on a summary of the events, all information will be communicated once we have assessed the full situation.
Deus Finance provided an update, confirming that the attack had taken place on the DEI lending contract. The developers are currently working on a postmortem report, and the contract has been closed.
The Deus Finance token DEI has taken a steep drop of 15.5% over the past 24 hours, currently sitting at $374.
$DEUS #HACK
REIMBURSEMENT NOTICE
We will create a contract you will be able to repay your DEBT on it and get your sAMM that were liquidated, we will also implement a feature that lets you swap DEI against a small MUON allocation. (paying from my team allocation)
make it whole!
CEO of Deus Finance Lafayette Tabor has also commented on the incident, saying that the team is working on reimbursement for those affected. The plan is to create a contract where victims will be able to repay debt and get assets that were liquidated. Additionally, there will be a feature that lets victims swap DEI against a small MUON allocation, which will be paid out of the team’s allocation.
Deus Finance calls itself the “world’s first decentralized bilateral OTC derivatives platform.” It is an infrastructure platform that has made the headlines, but clearly also a target for bad actors, who continue to strike the DeFi market.
DeFi Market, a Prime Target for Bad Actors
The DeFi market is no stranger to attacks and has been a veritable gold mine for hackers in the past 24 months. Flash loan exploits have been one of the most popular MOs, though the kinds of attacks vary greatly and have different effects.
My argument for why the future will be *multi-chain*, but it will not be *cross-chain*: there are fundamental limits to the security of bridges that hop across multiple "zones of sovereignty". From https://t.co/3g1GUvuA3A: pic.twitter.com/tEYz8vb59b
The biggest hack of 2022 took place in February, when the Wormhole bridge was hacked, resulting in $321 million being stolen. The vulnerability was patched, but it showed the precarious security nature of cross-chain bridges. Vitalik Buterin also spoke on this subject in a lengthy Reddit post, saying the future would be cross-chain, not multi-chain.
To combat these attacks, teams have been ensuring that their code gets audited by a third party. Additionally, they are examining insurance protocols to guarantee reimbursement and launch bug bounties. This has helped reduce the number of attacks, but they do continue to happen.
Source: Read Full Article