Multichain lending protocol, Hundred Finance, was hacked on Ethereum’s layer-2 scaling resolution, Optimism, leading to a lack of roughly $7.4m.
Hundred Finance hacked
On April 15, the DeFi platform announced that it had contacted the hacker and collaborated with many safety groups. The protocol additionally requested anybody with info to get in contact.
This isn’t the primary time Hundred Finance is being hacked.
In 2022, a reentrancy assault on Gnosis chain used Hundred Finance and Agave as instruments. The 2 platforms on the time misplaced $11m.
The well-known Compound protocol’s fork, Hundred, has been carried out on a number of blockchains.
Peckshield claims that the hacker donated 200 WBTC, a stablecoin pegged to bitcoin; to extend the the protocol’s spinoff, hWBTC. This allowed the mortgage swimming pools to be drained utilizing solely a small amount of hWBTC, leading to losses.
Peckshield and CertiK, one other blockchain safety firm, supported the outcomes.
In accordance with CertiK, the attacker modified the speed at which ERC-20 tokens and htokens are exchanged. The hacker raised the alternate fee by contributing a major sum of WBTC to the htoken contract.
Later, the attacker took benefit of that fee to borrow important cash on the new alternate fee after which redeemed their preliminary funding. Hundred suffered a lack of $7.4m because of the hack.
Within the meantime, Numen Cyber claimed to lose 1,030 ethereum (ETH) price over $2m.
https://twitter.com/NumenAlert/standing/1647256283890761732?s=20
The Hundred Finance crew told its members earlier in the present day to stop guessing about how the assault happened. In accordance with the process, its main purpose is to get in contact with the attacker and are available to an understanding.
2023 DeFi Hacks
This incident provides to the mounting complete of damages from hacking in 2023 and serves as a reminder of the hazards of decentralized finance (DeFi). There have been a number of hacks in the previous few weeks following the exploit of Euler Finance assault in March.
Within the first two weeks of April, vulnerabilities in DeFi protocols equivalent to Allbridge, Sentiment, and Yearn Finance have been exploited. Greater than $20m was misplaced as a consequence of these hacks, in response to analysis performed by DeFiLlama.