DeFi Hacker Steals $13.4M in DEUS Finance Attack


Share this article

The DEUS team said that user funds were safe. 

DEUS Finance Suffers Flash Loan Exploit 

DEUS Finance DAO is the latest DeFi protocol to suffer a major attack. 

The multi-chain DeFi project, which runs on Ethereum ( $3,842.44 ) , Fantom, BNB ( $757.74 ) Chain, and a number of other Layer 1 networks, was targeted in a flash loan exploit early Thursday morning. 

On-chain data shows that an attacker leveraged a flash loan to target a DEUS liquidity pool on Fantom. Pioneered by the early Ethereum ( $3,842.44 ) DeFi project Aave, flash loans give DeFi users the ability to borrow an unlimited amount of capital without providing any collateral as long as they pay back the loan in the same transaction. While flash loans are an example of DeFi innovation, they’ve been controversial due to the prominent role they’ve played in many multi-million dollar hacks. 

This attack follows a similar playbook to many other recent incidents. As blockchain security firm PeckShield noted in a tweet storm, the hacker used the loan to manipulate a price oracle so that they could artificially inflate the price of DEUS’ DEI stablecoin. They then used the DEI as collateral to borrow more capital, and executed a trade for USDC. By the time they paid off the flash loan, they were left with about $13.4 million. 

After executing the flash loan attack, the hacker moved the takings from Fantom to Ethereum ( $3,842.44 ) and used Tornado Cash, an Ethereum ( $3,842.44 ) -based privacy-preserving protocol popularly used in DeFi hacks, to siphon the funds to a “clean” address. 

DEUS has since posted an update, saying that user funds are safe and DEI lending has been paused. It also said it will follow up with more details later. After suffering from a $3 million flash loan exploit only last month, it will have some explaining to do. 

Disclosure: At the time of writing, the author of this piece owned ETH, AAVE, FTM, and several other cryptocurrencies. 

Share this article

The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.

You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.

See full terms and conditions.



Source

Recommended For You

About the Author: wp4crypto