Hackers have stolen almost all the assets of users of the DeFi protocol Lendf.me
According to information from the DeFi Pulse portal, on April 19, as a result of an attack by cybercriminals, the dForce Foundation lost 99% of its users ’assets.
Lendf.me is a DeFi credit protocol managed by dForce Foundation. As stated in the project’s official telegram channel, Lendf.me is “the largest DeFi backed by fiat money.” Representatives of the project reported that about $ 25 in ETH and BTC was stolen from user accounts on the night from Saturday to Sunday.
“On Sunday at 8:45 Beijing time [03:45 Kyiv time], the Lendf.me protocol was attacked at block height 9899681,” representatives of Lendf.me commented on the situation for Chain News.
Developers of other DeFi projects suggest that the vulnerability could be a fraudulent pledge in the imBTC — ethereum-token, tied to bitcoin in a 1: 1 ratio.
“Smart contracts with imBTC must have additional code to protect against“ re-entry ”attacks,” said Robert Loeschner, CEO of Compound.
At the moment, it remains unknown whether any of the protocol users managed to withdraw their funds before the attack, or if the attackers really stole all of $ 25 million. The Lendf.me site remains unavailable, and Mindao Young, CEO of the dForce Foundation, announced the beginning of an investigation into the incident, urging not to transfer assets through Lendf.me
It was reported that after a hacker attack, Lendf.me had about $19 thousand dollars left, and later this amount dropped to $6.
Follow Us in Social Media: LinkedIn | Twitter | Telegram | Facebook