Lending Protocol Hundred Finance Loses $7M in Fresh DeFi Exploit

On Apr 17, 2023 at 9:56 am UTC by · 2 mins read
an image

The hacker was able to withdraw more tokens than were initially deposited.

There appears to be a rising case of DeFi exploits and multichain lending protocol Hundred Finance may be the latest victim. According to a recent announcement by the protocol, attackers found a loophole to successfully manipulate the exchange rate between ERC-20 tokens and hTOKENS. And as a result, the attacker has reportedly made away with no less than $7.4 million from the protocol.

Meanwhile, it might be worth noting that this is the second time in as many years that Hundred Finance has been hacked. Last year, the protocol and Agave were victims of a reentrancy attack on Gnosis Chain that saw both platforms losing a joint $11 million.

Hundred Finance Seeks Resolution of DeFi Exploit

According to Hundred Finance, it has already begun efforts to recover the stolen funds. The lender says it has reached out to the yet-to-be-identified hacker and advises anyone with information that could lead to the recovery of the stolen funds to come forward. It also urges the hacker to come to a negotiation table as soon as possible. One of its most recent tweets reads:

“Once again we hope the hacker will reach out back to us and we will be able to find a joint solution to resolve this matter.”

Hundred Finance has also partnered with some security firms to explore how the attack came to be and also to forestall similar occurrences in the future.

As confirmed by blockchain security firm Certik, the incident was indeed a flash loan attack. Certik says the hacker was able to withdraw more tokens than they originally deposited, after manipulating the exchange rate between ERC-20 tokens and hTOKENS.

Flash Loan Attacks: A Growing Menace in DeFi

It is noteworthy that Heaven Finance’s $7.4 million loss is only further proof that the decentralized finance (DeFi) space is still under serious attack. Over the years, there has been an endless list of similar incidents across the space. And despite a slow start in the year running, DeFi hacks and losses have somehow picked up steam again.

Recall that in March, Euler Finance was hacked and the attack saw it suffer losses of nearly $196 million. Although Euler recovered most of its funds, several other DeFi protocols have also been exploited this month.  They include Allbridge, Sentiment, and Yearn Finance, among others.

Share:

Related Articles

Zunami Protocol Loses $2.1M in Fresh Price Manipulation Attack

By August 14th, 2023

Zunami may be the latest victim of a flash loan attack, a scheme that has gradually become the bane of existence for many DeFi protocols.

Sturdy Finance Hit in Fresh Exploit, Loses Over $800,000

By June 12th, 2023

DeFi hacks have gone through the roof in recent times and many will argue that the DeFi ecosystem has proven time and again that it is indeed an exploiter’s paradise.

Jimbos Protocol Suffers $7.5M Loss in New Hack as Token Plummets 26%

By May 29th, 2023

The incident comes barely three days after Jimbos Protocol launched its version 2.

Exit mobile version