The dFi protocol supported by Multicoin Capital, dForce, was hacked for nearly $ 25 million

Cryptopia hacked platform filed for bankruptcy protection

dForce - a decentralized financial protocol (DeFi) supported by Multicoin Capital, has been exploited for a loss of nearly 25 million USD.

The total locked value in dForce's ecosystem has dropped 100% to $ 6 in the past 24 hours, according to data from DeFi Pulse. Just one day ago, the total key value in the dForce system was $ 24.9 million. The Lendf.Me website - a lending platform in the dForce ecosystem, is also inaccessible at the time of writing.

On dForce's Telegram channel, CEO Mindao Yang said the team was still investigating the issue and advised users not to send any more assets to Lendf.Me right now. The team also confirmed with Chinese cryptocurrency newspaper ChainNews that Lendf.Me was attacked in the 9th block of 9,899,681.

Although details about the flaw have not been disclosed yet, it is worth noting that in January, Lendf.Me integrated with imBTC - an Ethereum token attached to BTC. Earlier today, a liquidity pool for imBTC on decentralized exchange Uniswap was hacked, resulting in a loss of $ 300,000 worth of tokens.

The hackers who attacked imBTC took advantage of the vulnerability through the use of imBTC's ERC-777 token standard, thereby helping hackers to constantly call Uniswap smart contracts to withdraw money before the external balance is updated.

On Twitter, some users are speculate that Lendf.Me has suffered an attack similar to imToken, because the transaction records show that hackers have repeatedly called Lendf.Me's withdrawal function to issue imBTC - which is provided for lending protocol by hacker at the first point.

However, this thesis is not new. In 2016, the famous DAO hack used a similar mechanism - resulting in 60 million Ether being stolen. A ConsenSys review of Uniswap last year also discussed the vulnerability in depth.

Launched in late September, Lendf.Me has grown into one of the 7th largest DeFi markets in terms of the token value locked on DeFi Pulse before the attack occurred. However, as The Block reported earlier, another lending protocol, Compound, has accused Lendf.Me of stealing their source code.

On April 15, dForce announced a $ 1.5 million funding round led by Multicoin Capital, with the participation of Huobi Capital and China Merchants Bank International (CMBI) - an investment arm of one of the banks. China's largest.

Maybe you are interested:

Join our channel to stay up to date on the most useful news and knowledge at:

According to The Block
Translated by ToiYeuBitcoin


seo marketing wordpress seo seo hosting seo and marketing word press seo wordpress and seo wordpress marketing hosting seo seo press pro market seo seo & marketing seo e marketing e marketing seo seo pro wordpress marketing & seo seo di wordpress wordpress seo host hosting and seo wordpress hosting seo wordpress seo wordpress wordpress for marketing seo press wordpress marketing for seo