Deus Finance, a decentralized finance (DeFi) platform, confirmed reports that attackers used illegal methods to steal millions of dollars on Wednesday night.
Two blockchain security companies, PeckShield and CertiK, said Deus Finance was hit by a variation of the “flash loan attack.” In a flash loan attack, a hacker borrows funds that do not require collateral, buys a large amount of a cryptocurrency, artificially raises its price, and offloads the coins. The loan is then repaid and the borrower keeps the profits.
PeckShield said the attackers stole about $13.4 million worth of cryptocurrencies, but said the platform's actual loss could be even greater. CertiK put the loss at 5,446 ETH, or about $15.7 million.
The Deus platform provides developers with a way to create financial services and consists of two different coins, DEI and DEUS.
According to blockchain data, the attacker took out $143 million in a flash loan and bought 9.5 million DEI, Deus Finance’s stablecoin, which is pegged to the US dollar. The purchase raised the price of DEI, allowing the attacker to repay the flash loan and come away with a net amount of about $13 million.
Deus Finance did not respond to a request for comment, but released a brief statement early Thursday morning on Twitter and Telegram claiming that customers never lost money during the attack.
“Note that all user funds are safe and no users have been liquidated. Developers are still investigating the full extent of the situation and details will be coming soon,” the people behind the project said on Telegram.
On Twitter, they said there were no liquidated users and DEI lending was temporarily suspended.
A Deus Finance developer tweeting from the account @lafachief first confirmed that the attacker used a flash loan to manipulate prices on-chain.
“Users have never lost money. The loss is in the protocol. We will discuss this in veDEUS in the future. We are working with teams from CEX and other institutions to collect funds today. Will look into more details for you,” said the developer.
The developers went on to argue that it wasn’t really a flash loan attack in the classic sense. According to the developers, this was “more sophisticated” and involved the exploitation of features that will be removed in the next update.
The developers then stated that the hack could be related to a zero-day exploit on the Solidly crypto exchange platform.
Both CertiK and PeckShield called it a flash loan attack, but PeckShield later said @lafachief was correct that it was more complicated than the typical example.
It’s unclear where the $143 million loan came from, but flash loans are typically available on a variety of Ethereum-based DeFi lending platforms such as Aave and dYdX.
Blockchain data shows that the hacker sent the money to Tornado Cash, a cryptocurrency mixer that allows people to hide the source of their funds.
According to PeckShield, Deus Finance was hit with another flash loan attack on March 15, in an incident that led to a loss of about $3 million.
The creators of DeFi platforms are locked in a constant game with hackers, who scrutinize their code and smart contracts to find vulnerabilities and mistakes that can be exploited. Hackers also take advantage of the price differences of coins found on different platforms when deploying flash loan attacks.
Flash loan attacks have become one of the most common ways for hackers to target DeFi platforms. Two weeks ago, hackers stole $11.2 million worth of Binance Coin from the DeFi platform Elephant Money.
Cream Finance was hit by three different flash loan attacks in 2021, costing the DeFi platform $130 million in October, $37 million in February, and another $29 million in August.
Blockchain analytics firm Chainalysis said at least $2.2 billion was stolen from DeFi protocols in 2021. Last month, the Ronin Network announced that hackers had stolen more than $500 million in cryptocurrencies, making it one of the biggest attacks to date.