- Hackers could make off with 200,000 DAI and 1101.8 ETH.
- The hacker used Tornado cash, a currency mixing tool, to transfer the stolen coins.
In the latest case of a decentralized finance (DeFi) marketplace being targeted by an attack, Deus Finance has lost almost $3 million in DAI and Ethereum tokens (ETH). On Twitter, PeckShield, a DeFi analysis business, explained why and how the funds were compromised. The perpetrators of the assault exploited and manipulated a pricing oracle for flash loans, causing the victims’ money to become insolvent.
The price of the StableV1 AMM – USDC/DEI pair was changed by the hackers to establish the price oracle for the protocol’s flash loans. At the time of the incident, PeckShield estimated that the stolen assets were over $3 million, but the company has since learned that hackers could make off with 200,000 DAI and 1101.8 ETH.
DEI Lending Contract Ended
Deus Finance CEO Lafayette Tabor posted to Twitter to inform the community about the refund possibilities. In addition, he promised that the programmers would draught a new contract that would allow impacted customers to pay back their debts.
According to the CEO,
“We will create a contract you will be able to repay your DEBT on it and get your sAMM that were liquidated, we will also implement a feature that lets you swap DEI against a small MUON allocation. (paying from my team allocation).”
The hacker then used Tornado cash, a currency mixing tool, to transfer the stolen coins over the Multichain protocol. In a statement, Deus Finance said it had ended its $DEI lending contract after discovering a vulnerability in its lending protocol. Also, the DeFi protocol stated that both $DEUS and $DEI were unaffected by the exposure.