In recent days, the focus has been on bitcoin after it reached a new all-time peak. However, hackers had other ideas as they targeted a new (DeFi) lending protocol to attack. Warp Finance was exploited by hackers who drained the protocol of $7.7 million in Dai and USDC stablecoins.
Warm Finance targeted in flash loan attack
The DeFi protocol acknowledged the attack on social media. Warp Finance said the platform was “exploited with a complex flash loan attack which allowed the user to borrow more than their collateral value resulting in a loss of stablecoin lender funds.”
After losing $7.7 million in stablecoins, the protocol plans to recover about $5.5 million locked in the collateral vault. These funds will be distributed to users who lost their holdings in the hack.
In a flash loan attack, the hacker can be granted short-term loans without the need for collateral as the loan will be repaid in one block. Cybercriminals have previously used this feature to siphon funds from DeFi protocols.
After noticing some irregularities on its platform, Warp Finance asked its users not to deposit stablecoins anymore until the issue was resolved.
🚨 We are investigating irregular stablecoin loans taken out in the last hour, we recommend that you do not deposit anymore stablecoins until we have clarity on the irregularities
— warp.finance (@warpfinance) December 17, 2020
The protocol pledged to share a more detailed analysis of the hack in the coming days when they have a better understanding of the exploit.
A few days ago, the platform said that users deposited $5 million in stablecoins and LP tokens 24 hours after the launch of Warp’s Phase 2.
Hackers target DeFi protocols
Hackers are targeting the growing DeFi space which has attracted billions of dollars locked in several protocols.
Hugh Karp, the founder and CEO of DeFi protocol Nexus Mutual was recently tricked by a hacker and personally lost more than $8 million in the exploit.
Karp admitted that the hacker has used a nice trick and pleaded with the criminal to return the loot in full in exchange for a $300,000-bounty and dropping of all charges.
To the attacker. Very nice trick, definitely next level stuff.
You’ll have trouble cashing out that much NXM.
If you return the NXM in full, we will drop all investigations and I will grant you a $300k bounty.
— Hugh Karp 🐢 (@HughKarp) December 14, 2020