Decentralized Finance suffers another blow: lending protocol attacked, Lock-up Position falls 99.9% in 24 hours.

Recently, a platform focused on Decentralized Finance and coin protocols experienced a security incident, with its lending protocol being attacked, forcing the platform to temporarily shut down. The security team analyzed that the method of this attack is very similar to a certain DEX attack case that occurred the previous day, and it is likely carried out by the same group of hackers. Currently, the team of the attacked platform is conducting an in-depth investigation into the details of the incident.

On-chain data shows that the attacker has transferred the acquired assets to two mainstream DeFi lending platforms. The data platform monitored that the locked amount of the attacked platform plummeted by 99.9% within 24 hours, almost dropping to zero.

Looking back at the attack incident from the previous day, the hacker cleverly exploited the compatibility vulnerability between a certain DEX and the ERC777 token standard. During the ETH and imBTC trading, the attacker executed a reentrancy attack through the tokensToSend function in the ERC777. According to security agencies, the DEX lost approximately 1,278 ETH in this attack, worth around $220,000. Additionally, about 18.37 imBTC were acquired by two arbitrageurs at a lower price, with the two addresses starting with 0x3195c3 and 0x17559a respectively.

The two consecutive attacks have once again sounded the alarm for DeFi security, reminding project teams and users to be more vigilant about potential security risks. At the same time, this also highlights the security challenges when it comes to cross-protocol interoperability, especially when dealing with tokens of different standards.