- Voltage Finance was the target of an attack today that resulted in more than $4 million stolen from the platform.
- According to one security firm, a reentrancy bug allowed attackers to drain the DeFi platform’s lending pool.
- Similar attacks were carried out against Hundred Finance and Agave earlier this month, resulting in $11 million stolen.
Share this article
Voltage Finance has suffered a reentrancy attack leading to the theft of $4 million in stablecoins and cryptocurrencies.
$4 Million Have Been Stolen
Another DeFi exploit has resulted in millions lost.
Track live crypto price of 10000+ coins!
Voltage Finance announced the theft on Twitter on Mar. 31. “We became aware of a breach on the [Voltage Finance] lending platform… leading to the theft of [$4 million],” it wrote.
Various stablecoins were stolen, including USDCoin (USDC) and Binance USD (BUSD). Wrapped Bitcoin and Ethereum tokens (WBTC and WETH) are were also stolen. Fuse Dollar (FUSD) and its non-stablecoin counterpart FUSE were stolen as well.
Voltage assured users that all funds within its custody are safe, including staked tokens and tokens in liquidity pools. It added that its contracts have been subject to various audits.
The attacker’s address has been flagged on Etherscan, and Voltage has called on the exchanges CEX and Circle to block transactions from that address. Voltage is now attempting to contact the attacker and negotiate a bounty for the return of funds.
The platform added that it is working with its lending-as-a-service partner Ola Finance to investigate the issue.
Official Report Still Pending
Ola Network said that it will soon publish an official report that details the exploit. In the meantime, it has endorsed a third-party report from the blockchain security firm PeckShield.
Peckshield has stated that the hack was due to a reentrancy bug that allowed hackers to drain the lending pool. This vulnerability arose from an issue between ERC-677/777 tokens (the basis of most of the affected stablecoins) and forks of the Compound Network (something that Ola Network allows developers to create).
Related attacks occurred on Hundred Finance (a fork of Compound Finance) and Agave (a fork of Aave) around Mar. 15. About $11 million in total was stolen during those attacks.
Disclosure: At the time of writing, the author of this piece owned BTC, ETH, and other cryptocurrencies.
NFT Express: Your on-ramp to the world of NFTs
At Tatum, we’ve already made it super easy to create your own NFTs on multiple blockchains without having to learn Solidity or create your own smart contracts. Anyone can deploy…
Millions Lost as Solana DeFi App cashio Suffers Hack
The Solana stablecoin protocol cashio has suffered an exploit leading to a complete collapse of its flagship stablecoin, CASH. cashio Hacked for Millions cashio, a stablecoin protocol on Solana, has…
Hackers Steal NFT Monkeys on Top Ethereum Layer 2
The Arbitrum-based NFT marketplace Treasure has been hacked. Developers froze trading after hundreds of NFTs from the Smol Brains and Legions collections were stolen. Treasure Marketplace Hit by Exploit The…
BSC, Ethereum DeFi Projects Hit in $14.4M Hack
An unknown attacker targeted two crypto projects, the Binance Smart Chain-based protocol Dego Finance and Ethereum-based GameFi project Cocos-BCX last night, making off with about $14.4 million worth of digital…
Download MAXBIT Android App, Your best source of all crypto news!
Share this article: