Share this article
Another day, another DeFi hack. Inverse Finance is the latest Ethereum protocol to suffer a multi-million dollar exploit.
Inverse Finance Suffers Multi-Million Dollar Hack
Ethereum’s DeFi ecosystem has suffered another major hack.
Inverse Finance, a stablecoin protocol that focuses on capital efficient yield generation, was drained in an exploit early Saturday. PeckShield, one of the crypto industry’s top security analytics companies, alerted the Inverse team to the hack on Twitter minutes after the exploit occurred.
PeckShield explained in a series of tweets that the hacker deposited 901 Ethereum to the protocol and used an oracle manipulation bug to manipulate the price of Inverse’s INV token. They then used INV as collateral to borrow assets and drain the protocol. Etherscan data shows that the hacker drained millions of dollars in YFI, WBTC, and Inverse’s own DOLA token from the protocol and then used decentralized exchanges such as Uniswap to trade the assets for Ethereum. This Ethereum wallet connected to the hacker has already siphoned 4,200 Ethereum worth around $14.6 million through the transaction mixer Tornado Cash in a bid to cover their traces. The wallet contains just over $250,000 at press time.
The Inverse team acknowledged the hack in a tweet, but has not yet shared a full statement. “We are currently addressing the situation please wait for an official announcement,” the post read.
Interestingly, defying a trend that happens with most other DeFi hacks, INV is currently holding up in the market. It’s up 5.9% at press time, trading at $402.
This story is developing and will be updated as more details emerge.
Disclosure: At the time of writing, the author of this piece owned ETH, INV, and several other cryptocurrencies. They also had exposure to UNI and YFI in a cryptocurrency index.
Share this article
Bored Ape Yacht Club Discord Server Hacked After Ticket Tool Exploit
Several Discord servers, including that of the Bored Ape Yacht Club, have been compromised. Hackers appear to have exploited a recent Ticket Tool Discord bot update to post phishing links…