The self-described compounding yield optimizer – Grim Finance – has reported being hacked in a reentrancy exploit with the attacker swiping up to $30 million worth of Fantom tokens.
- The DeFi protocol took it to Twitter on Sunday to inform its users about the hack. The team described it as an “advanced attack,” in which the perpetrator exploited the project’s vault contract through five reentrancy loops.
- This enabled the attacker to fake five additional deposits into a vault and ultimately took $30 million worth of FTM, according to this address. The hacker has already sent most of the tokens to other DEXs.
- The team said it had temporarily suspended all of its vaults to “prevent any future funds from being placed at risk” and urged all users to withdraw their funds.
- According to data from DeFiLlama, customers have followed Grim Finance’s advice. The total value locked in the DeFi protocol was near $120 million ahead of the hack, but it’s down now to just $4 million.
Hello Grim Community,
It is with heavy hearts that we inform you that our platform was exploited today by an external attacker roughly 6 hours ago. The attackers address has been identified with over 30 million dollars worth of theft here https://t.co/qA3iBTSepb
— Grim Finance (@financegrim) December 19, 2021
Credit: Source link