Non-custodial decentralized finance (DeFi) protocol, Arcadia Finance, is the latest victim of a 5,000 exploit that occurred on both the Ethereum and Optimism networks. Confirming the hack, Arcadia revealed that it is working with security partners to minimize the damage after pausing the contracts. The platform has also roped in law enforcement to deal with the issue. Blockchain security expert PeckShield was first to notify the attack on Arcadia and claimed that it was caused due to “the lack of untrusted input validation,” which is exploited to drain funds from both darcWETH and darcUSDC vaults. The firm highlighted another vulnerability in the DeFi protocol – “lack of reentrancy protection” – which enables instant liquidation to bypass the internal vault health
Topics:
Chayanika Deka considers the following as important: AA News, defi, Hacking, social
This could be interesting, too:
Wayne Jones writes Beyond Hacks: Vitalik Buterin Calls for Wallet Solutions to Address Crypto Loss
Chayanika Deka writes Internal Conflict at Thorchain as North Korean Hackers Leverage Network for Crypto Laundering
Chayanika Deka writes Consensys and SEC Reach Agreement to Dismiss MetaMask Securities Case
Chayanika Deka writes Meme Coins Do Not Qualify as Securities: SEC Confirms
Non-custodial decentralized finance (DeFi) protocol, Arcadia Finance, is the latest victim of a $455,000 exploit that occurred on both the Ethereum and Optimism networks. Confirming the hack, Arcadia revealed that it is working with security partners to minimize the damage after pausing the contracts.
The platform has also roped in law enforcement to deal with the issue.
- Blockchain security expert PeckShield was first to notify the attack on Arcadia and claimed that it was caused due to “the lack of untrusted input validation,” which is exploited to drain funds from both darcWETH and darcUSDC vaults.
- The firm highlighted another vulnerability in the DeFi protocol – “lack of reentrancy protection” – which enables instant liquidation to bypass the internal vault health check.
- The stolen funds from the Optimism network portion were washed on the controversial coin mixer, Tornado Cash. But the Ethereum portion of the stolen funds, worth over $103,000, continued to remain parked in a flagged wallet address.
- Arcadia has not yet confirmed the validity of the root cause identified by PeckShield, but it said that an investigation is being carried out. The protocol’s latest statement read,
“We will continue to work with our security partners, law enforcement, and the broader community to resolve this as best we can. Our number one priority is recovering funds for Arcadia protocol users.”
- Arcadia is a non-custodial, permissionless protocol that was launched on Ethereum and Optimism in March this year. The platform essentially enables users to trade spot with leverage and boost staked ether.
- The latest exploit surfaces amid rampant hacks recorded in the digital asset sector.
- In the first of 2023 alone, Web3 security firm Beosin identified a loss of $470 million across 108 DeFi protocol attacks.