3 - 5 minute read
Hundred Finance, a multichain lending protocol, has suffered a significant security breach on the Ethereum layer-2 blockchain Optimism, with losses of $7.4 million. The attack was executed using a flash loan attack, where the hacker manipulates the price of an asset to withdraw more tokens than initially deposited. This is the second security breach suffered by Hundred Finance, with the previous attack being on the Gnosis Chain, resulting in a loss of over $6 million.
DeFi protocols have been targeted by hackers, with flash loan attacks being a preferred method of execution. Recent cases include attacks against Euler Finance and Mango Markets, with Mango’s thief being arrested by United States authorities. Hundred Finance is working with security teams on this security breach and preparing a postmortem report on the incident.
According to blockchain security firm Certik, the attacker manipulated the exchange rate formula through Cash value. Cash is the amount of WBTC that the hBTC contract has. The attacker donated a large amount of WBTC to the hToken contract to manipulate the exchange rate, leading to large loans being taken out under the manipulated exchange rate.
In a tweet on April 15, Hundred Finance announced the exploit, saying, “We are working with various security teams on this incident and have also contacted the hacker. We will provide more information as soon as possible”.
Blockchain security firm Certik noted that it was a flash loan attack and tweeted, “The estimated losses of this attack is around $7.4 million…Stay vigilant!”.
Estimated current loss is ~7m USD.— Hundred Finance (@HundredFinance) April 15, 2023
Once again we hope the hacker will reach out back to us and we will be able to find a joint solution to resolve this matter. 🙏
Thank you everyone for your support and help during these difficult times. ❤️ https://t.co/wLGAl4AAGA
The security breach on Hundred Finance is concerning, with the multichain lending protocol suffering its second security breach in less than a year. Hackers have been targeting DeFi protocols with flash loan attacks, making it crucial to remain vigilant.
Hundred Finance’s response to the hack indicates measures are being taken to ensure the platform is secure in the future. With the postmortem report, the protocol can learn from its breaches and take steps towards preventing similar events from occurring.
The manipulation of the exchange rate formula through Cash value highlights the need for DeFi protocols to focus on security measures. It is clear that security breaches will continue to happen in the DeFi space, making it more crucial than ever for protocols to focus on security solutions.
Traders should remain cautious when engaging with DeFi protocols, particularly given the frequency of security breaches. It is important to keep updated with the latest security measures and remain vigilant.
The Bottom Line
The security breach suffered by Hundred Finance highlights the need for greater security measures within the DeFi space. Traders should remain cautious when engaging with DeFi protocols, particularly given the frequency of attacks. It is crucial for DeFi protocols to focus on security solutions to prevent such events from occurring.