Leading Chinese DeFi protocol has lost 99.95% of locked funds in a nearly $25 million hack.
Chinese decentralized finance, or DeFi, protocol dForce has been exploited in a $24.95 million hack that has resulted in its Lendf.Me lending platform going offline.
According to DeFi data aggregator DeFi Pulse, the total value of funds locked in dForce’s protocol has fallen from almost $25 million to just $10,000 overnight.
On-chain data indicates that the stolen funds have been moved into top DeFi protocols Compound and Aave.
DForce loses over 99.95% of locked funds in attack
Mindao Yang, the CEO of dForce, confirmed the attack on the project’s Telegram channel, announcing that it was attacked at 8:45 am on April 19 during block height 9.989.681.
He stated that the dForce team is currently investigating that attack, and requested that users to not place any assets on the Lendf.Me platform.
The attack is believed to have targeted a vulnerability inherent to Ethereum’s (ETH) ERC-777 token standard.
ERC-777 vulnerability believed to facilitate hack
The same exploit was used to drain more than $300,000 in wrapped Bitcoin (BTC) from smart contracts on the decentralized exchange (DEX) Uniswap containing imBTC — an ERC-777-based tokenized BTC operated by DEX TokenIon.
In response to the attack, Tokenlon announced that no BTC held in custody had been impacted, adding that they had temporarily paused imBTC transfers while considering its next move.
DForce integrated support for imBTC lending on the Lendf.Me platform in January, leading to speculation that it may have also used to exploit dForce.
DForce attacked days after Multicoin Capital investment announced
DForce’s devastating attack comes less than one week after crypto venture capital firm, Multicoin Capital, announced it had led the DeFi protocol’s $1.5 million seed round.
Multicoin Capital principal, Mable Jiang, told Cointelegraph that dForce was building DeFi’s first super-network of decentralized protocols — likening the project to Asian super-apps, WeChat and Alipay.
Since launching in September 2019, dForce’s Lendf.Me had grown to comprise the seventh-largest DeFi protocol by locked assets prior to the attack.
Source: , CoinTelegraph
Articles listed with Cash Tech News as the author are either general information, or may have been imported from another website, to bring our readers a rich media experience that encompasses articles that we find interesting, as well as those curated by others.
The views and opinions expressed here are for informational purposes only, and should not be confused with professional financial advice. These opinions are solely those of the author and do not necessarily reflect the views of CashTechNews.com. Every investment and trade involves risk. You should conduct your own research, and contact your professional financial advisor before making any investment.
Corrections, feedback, and ideas should be submitted through the website contact form.