Deus Finance was hacked for the second time in the span of 45 days. This time, the hacker stole $13.4M in funds.
Below is a quick overview of this project.
Deus Finance has described itself as a marketplace of decentralized financial services. They provide the infrastructure for others to build financial instruments, such as synthetic stock trading platforms, options and futures trading, and more.
Last month, on March 15th, 2022, we reported that the Deus exploit at that time netted the hacker ~$3M, including 200,000 DAI and 1101.8 ETH. Here is the link if our readers want to know more about the previous hack.
Here is the link to the hacker’s transaction:
The hack was made possible by flash-loan-assisted manipulation of the price oracle, which reads from the StableV1 AMM USDC/DEI pair. The manipulated price of the DEI collateral was then used to borrow and drain the pool. This is similar to the method the hackers used last time. Below we can see the screenshot of the code.
The initial funds used to launch the hack, around 800 ETH, were withdrawn from Tornado Cash and then tunneled to Fantom via MultiChain. After that, the stolen funds were tunneled back to Ethereum. At present, they are in the hacker's account. Here is the address of the hacker:
Below, we can see the screenshot by PeckShield on the movement of funds.
Here is the hacker's strategy in simple steps.
Previously, Deus Finance was in 70th position on the Rekt Leaderboard. Now it will be in 37th position. This could change as we learn more about the hack.
According to µ Lafa µ, who works at Deus Finance, a flash swap was used to manipulate the VWAP of Muon oracles, and another flash swap inside the same transaction was used to manipulate the on-chain price. The attack happened across multiple transactions over a time span of a few minutes.
As of now, all contracts are paused, and the Deus dev team is working on the DEI situation. Below is the information that they have tweeted so far:
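The oracle weakness described above, as an added example that is not code from Deus Finance or from the original article: one large swap moves a price read only from pool reserves, while a lending check that compares that spot price against a time-weighted average refuses to value DEI collateral at it. The constant-product pool is an assumption standing in for the StableV1 pair (which uses a different curve), and all names and numbers are constructed.

```python
from dataclasses import dataclass

class PriceDeviation(Exception):
    """Spot price is too far from the time-weighted average to trust."""

@dataclass
class Pool:
    # Assumption: constant-product (x*y=k) maths stands in for the StableV1 curve.
    usdc: float
    dei: float
    cum_price: float = 0.0  # sum of (spot price * seconds it was in effect)
    last_ts: int = 0

    def spot(self) -> float:
        return self.usdc / self.dei  # USDC per DEI, from current reserves only

    def sync(self, now: int) -> None:
        self.cum_price += self.spot() * (now - self.last_ts)
        self.last_ts = now

    def swap_usdc_for_dei(self, usdc_in: float, now: int) -> float:
        self.sync(now)  # book the old price before reserves move
        k = self.usdc * self.dei
        self.usdc += usdc_in
        dei_out = self.dei - k / self.usdc
        self.dei -= dei_out
        return dei_out

def twap(pool: Pool, snap_cum: float, snap_ts: int, now: int) -> float:
    pool.sync(now)
    return (pool.cum_price - snap_cum) / (now - snap_ts)

def guarded_price(pool, snap_cum, snap_ts, now, max_dev=0.02) -> float:
    """Price for valuing DEI collateral; refuses when spot and TWAP disagree."""
    avg = twap(pool, snap_cum, snap_ts, now)
    if abs(pool.spot() - avg) / avg > max_dev:
        raise PriceDeviation(f"spot {pool.spot():.2f} vs TWAP {avg:.2f}")
    return avg

def demo():
    # Constructed numbers: a 1M/1M pool left untouched for 30 minutes.
    pool = Pool(usdc=1_000_000.0, dei=1_000_000.0)
    snap_cum, snap_ts = pool.cum_price, pool.last_ts
    pool.swap_usdc_for_dei(9_000_000.0, now=1800)  # one large swap with borrowed capital
    naive = pool.spot()  # what a reserves-only oracle reports in that transaction
    try:
        guarded_price(pool, snap_cum, snap_ts, now=1800)
        rejected = False
    except PriceDeviation:
        rejected = True
    return naive, twap(pool, snap_cum, snap_ts, now=1800), rejected
```

Because the attack described here ran across multiple transactions over a few minutes, the averaging window has to be much longer than that for the comparison to mean anything.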
- User funds are safe. No users were liquidated.
- DEI lending has been temporarily halted.
- $DEI peg has been restored.
As crypto hacks are increasing nowadays, our readers should stay alert.