The latest hack targeting DeFi altcoin projects was DEUS Finance (DEUS), which occurred this morning and resulted in losses of $13.4 million.
DeFi Investors Wake Up to News of a Million-Dollar Hack
The DEUS Finance DAO protocol is the latest DeFi altcoin project to be the target of a major attack. The attack was carried out through an instant credit vulnerability for a multi-chain DeFi project running on Ethereum, Fantom, BNB Chain and a number of other first-level networks. The problem was discovered early in the morning. Despite this, the team says that the funds are safe:
The development team is working on the case of DEI. 1-) User funds are safe. No user has been purged. 2-) DEI credits are temporarily suspended. 3-) Restored stabilizer DEI.
With the exposure of the attack, the price of DEUS Finance (DEUS) lost more than 15% in a short time. It is trading around $550 after buyers of $500.
Data inside the network shows that the attacker used instant loans to target the DEUS liquidity pool on Phantom. “Fast Loans”, pioneered by the Ethereum DeFi Aave project, allow DeFi users to borrow infinite amounts without having to provide any collateral while they repay the loan in the transaction they borrowed. As an example of DeFi innovation, flash loans have caused controversy due to their massive involvement in a multi-million dollar hack.
The DEUS Finance Hack Followed a Series of DeFi Altcoin Hacks
According to Blockchain security company PeckShield, which shared an autopsy of the hack on Twitter, the hacker manipulated the price oracle code to fraudulently increase the value of the stable DEUS DEI coin using credit. He then used DEI as collateral to borrow more funds and completed the swap using USDC. After paying off the instant loan, the remaining amount was about $13.4 million.
After successfully executing the flash credit attack, the hacker transferred the proceeds from Fantom to Ethereum and used Tornado Cash, an Ethereum-based privacy protection mechanism often used in DeFi attacks, to dump assets to a “clean” address.
According to DEUS’ statement that the DEI credit has been stopped, users’ money is safe. He also said he would provide more information later. After just last month he was confronted with the exploitation of a $3 million flash loan, he will have several explanations.
