DeFi Protocol Exactly Loses $12 Million In Optimism Layer 2 Hack – Details

In a concerning trend for the decentralized finance, or DeFi space, two prominent protocols – Exactly and Harbor – have fallen victim to separate attacks. These incidents, the latest in a string of recent exploits, have highlighted the vulnerabilities that can arise within the relatively new and experimental world of DeFi.

Exactly, a credit market operating on the Optimism network, clearly did not see it coming. The attack, first uncovered by blockchain security firm DeDotFi, involved hackers exploiting a weakness in Exactly’s smart contracts. Security firm PeckShield said on X (formerly Twitter) that it had “detected an ongoing attack.”

DeFi Under Attack

The attackers managed to siphon off approximately 4,323.6 Ether (ETH), valued at around $7.3 million at the time of the breach. To execute their scheme, the attackers utilized the Across Protocol to cart away with 1,490 ETH and the Optimism Bridge for 2,832.92 ETH, transferring stolen assets to the Ethereum network.

Meanwhile, DeFi protocol Harbor also fell victim to a hack on the same day. The interchain stablecoin protocol confirmed the breach, revealing losses from its stable-mint as well as its vaults containing stOSMO, LUNA, and WMATIC.

Although the exact amount of assets stolen remains unclear, Harbor is actively engaged in tracing the funds and gauging the extent of the damages.

No Let-Up From Hackers

Exactly’s vulnerability was related to the DebtManager periphery contract, as attackers used a malicious market contract address to bypass permit checks and execute a malevolent deposit function.

The exact motive behind these attacks is yet to be ascertained, but it’s evident that the immense liquidity available within bridge protocols like Exactly and Harbor presents an appealing target for hackers.

Robust Safety Nets A Must

This recent wave of DeFi breaches is part of a series of security incidents that have plagued the ecosystem. In July, a vulnerability in the Vyper programming language resulted in a staggering theft of more than $61 million from the stable pools on Curve Finance.

Other protocols such as Earn.Finance and Zunami Protocol also suffered losses, further highlighting the challenges and risks associated with this evolving landscape.

As DeFi protocols continue to innovate, these incidents serve as a stark reminder of the need for robust security measures and thorough testing before deploying new solutions.

Featured image from EC-Council

Read Entire Article


Add a comment