Another day, another DeFi hack. Inverse Finance is the latest Ethereum protocol to suffer a multi-million dollar exploit.
Ethereum’s DeFi ecosystem has suffered another major hack.
Inverse Finance, a stablecoin protocol that focuses on capital efficient yield generation, was drained in an exploit early Saturday. PeckShield, one of the crypto industry’s top security analytics companies, alerted the Inverse team to the hack on Twitter minutes after the exploit occurred.
PeckShield explained in a series of tweets that the hacker deposited 901 Ethereum to the protocol and used an oracle manipulation bug to manipulate the price of Inverse’s INV token. They then used INV as collateral to borrow assets and drain the protocol. Etherscan data shows that the hacker drained millions of dollars in YFI, WBTC, and Inverse’s own DOLA token from the protocol and then used decentralized exchanges such as Uniswap to trade the assets for Ethereum. This Ethereum wallet connected to the hacker has already siphoned 4,200 Ethereum worth around $14.6 million through the transaction mixer Tornado Cash in a bid to cover their traces. The wallet contains just over $250,000 at press time.
The Inverse team acknowledged the hack in a tweet, but has not yet shared a full statement. “We are currently addressing the situation please wait for an official announcement,” the post read.
Interestingly, defying a trend that happens with most other DeFi hacks, INV is currently holding up in the market. It’s up 5.9% at press time, trading at $402.