Decentralized lending platform Inverse Finance has again become a victim of hackers, losing $1.26 million this time.
Inverse Finance Loses $1.2M to Hackers
Blockchain security and data analytics company PeckShield explained how the attacker exploited the lending platform to facilitate the hack, noting that a bot likely carried out the exploit.
— PeckShield Inc. (@peckshield) June 16, 2022
PeckShield said the attack was initiated with a flash loan worth 27,000 Wrapped Bitcoin (WBTC). The large deposit received from the loan was then used to manipulate the price of the protocol’s pool of funds. In the process, assets such as Tether USD (USDT), DOLA, Wrapped Bitcoin (WBTC), and Curve DAO token (CRV) were used.
The stolen funds were sent to a Uniswap wallet owned by the attackers. A total of 1,000 ETH was then transferred to Tornado Cash to hide the trace of the transaction, with 68 ETH still remaining in the wallet.
A few hours after the exploit, Inverse Finance temporarily halted borrowing activities. It further noted that investigations are underway while reassuring users that their funds are safe.
Inverse has temporarily paused borrows following an incident this morning where DOLA was removed from our money market, Frontier. We are investigating the incident however no user funds were taken or were at risk. We are investigating and will provide more details soon.
— Inverse+ (@InverseFinance) June 16, 2022
Not The First Time
It is noteworthy that this is not the first time Inverse Finance has been exploited. Coinfomania reported earlier in April that the protocol lost $15 million after some bad actors manipulated the price of its native token INV.
Meanwhile, INV reacted negatively to the $1.2 million theft. At the time of writing, the cryptocurrency was trading at $83, representing a 13% decline since the exploit.
DeFi: A Playground for Hackers
Recently, the decentralized finance (DeFi) sector has become a playground for hackers as they are always on the lookout for the next DeFi project to exploit.
In April, the Ethereum-based project Fei protocol was attacked, losing more than $80 million from multiple pools to the hackers. The protocol offered the hackers a $10 million bounty if they returned the funds.
That same month, DeFi services marketplace Deus Finance lost $13.4 million worth of funds in crypto to hackers during an exploit.