Key Takeaways:
- Hundred Finance announced on Twitter that it has lost approximately $7 million due to a security compromise .
- The protocol is constantly attempting to contact the hackers.
Protocol for cross-chain lending Hundred Finance experienced a security breach that resulted in a loss of about $7 million. As reported by blockchain security firm PeckShield, the attacker may have given 200 WBTC to boost the value of hWBTC and then depleted the existing loan pools with a tiny amount of hWBTC as the underlying cause.
On April 15, the DeFi platform announced that it had made contact with the hacker and was collaborating with many security teams. The protocol also requested anyone with information to get in touch.
The intruder took advantage of a weakness in the platform and was able to empty its lending pools by withdrawing a little amount of hWBTC by inflating the exchange rate of hWBTC. For Hundred Finance and its clients, this led to huge losses.
Hundred Finance said on Twitter that they had messaged the hackers and were coordinating closely with the technical teams to fully comprehend the event.
Following the news, several individuals made an effort to analyse the attack, offering different interpretations of what occurred. Some of them responded to Hundred Finance’s tweet by posting their analysis.
A user gave a more thorough account of the hack, adding that the hacker used a special attack loop that involved minting, transferring, borrowing, redeeming, and liquidating tokens to carry out the hack.
To alert its users of the most recent attack on their platform, Hundred Finance has been quite active in providing updates via Twitter. In their most recent tweet, which was sent out on April 16, they cautioned users against making assumptions about how the attack was carried out since a “postmortem” was being prepared.
It is not the first time that Hundred Finance has been hacked; in March 2022, the DeFi suffered a reentrancy assault that cost it more than $6.5 Million. According to reports, hackers mixed their transactions in the blockchain with Tornado Cash to avoid being discovered.
The need of safeguarding these platforms grows even more crucial as the cryptocurrency sector continues to grow and draw hackers. Considering how troubled the DeFi ecosystem has recently been, it is unclear how the industry will react to this most recent attack.
In the most recent high-profile security breaches in April alone, SushiSwap lost $3.3 million due to a security flaw and Yearn Finance was Hacked For Over $100M.
However, incidents like these have once again highlighted the necessity of strict security protocols and vigorous risk management procedures inside the DeFi ecosystem.