Midas Capital, a lending and borrowing pool provider, lost over $600,000 to hackers in a security breach over the weekend. It trails a previous security attack one of the project’s products faced last year.
With Midas Capital harnessing the BNB Chain to run its project, the protocol becomes the second on the Binance-native blockchain to get hacked within two days.
Midas Capital Gets Drained for Over $600k
The codes governing Midas Capital’s lending protocol were forked from those of the DeFi lending project Compound Finance. According to a public statement published by the project’s developer team, the attack occurred in one of these pools. The attack was first discovered and reported by the blockchain security team Ancilia.
Although Midas Capital noted that it has “paused all pools” to curb the magnitude of the attack, the hacker was able to siphon over half a million dollars. On-chain data on the blockchain analytics platform DeFiLlama, Midas Capital currently has $2.79 million in its total value locked (TVL), representing around an 11% decrease from its TVL hours earlier.
A similar approach to the latest attack has recently been used against the DeFi lending protocol Hundred Finance. On April 15th, the project suffered a $7 million exploit. This suggests that the recent security breach may have been conducted by the same hacker. Still, the hacker’s identity remains unknown.
Not the First Time
Notably, this is not the first time Midas Capital will face the impact of a security attack. In January, Jarvis jFIAT pool, a product built by Midas Capital in collaboration with Polygon-based Jarvis Network, suffered an attack that saw $660,000 depart from the project’s purse.
The hacker utilized a re-entrancy attack and price oracle manipulation to exploit a newly added feature in the protocol.
Meanwhile, another BNB Chain-based project, Atlantis Loans, was drained of $2.5 million in a Friday attack. The hacker used a governance attack to facilitate the attack.
