TheCryptoUpdates
BlockchainBlockchain NewsCryptoCryptocurrency NewsDEFIDefi newsGeneral NewsNews

Ola Finance’s DeFi Lending Protocol Gets Exploited for $3.6 Million

Inverse Finance, a lending platform based on Ethereum, got hacked

An open-source, decentralised financial system called Ola Finance has been the victim of a re-entry assault that resulted in the loss of $3.6 million in cryptocurrency.

As Ola Finance summarised the attack and revealed that the stolen protocol value was around $4.67M in ETH, BTC, and FUSE pricing. There were 216,964 USDC, 507,216 BUSD, 200,000 fUSD, 550.45 WETH, 26.25 WBTC, and 1.24 million FUSE stolen by the hackers.

About the re-entrancy attack

PeckShield, a blockchain security startup, released a detailed analysis and diagnosis of the vulnerability.

In a re-entrancy attack, a threat actor exploited flaws in Ola Finance’s smart contracts to give a loan based on bogus collateral to the protocol’s decentralised lending platform.

According to the security company. Tornado Cash, an anonymous transfer mechanism, was used by the threat actor to withdraw cash.

Loans were withdrawn from Ola Finance’s decentralised lending platform when the cash from Tornado Cash was moved to the Fuse network, on which Ola Finance operates. 

Using the built-in callback methods of ERC677 and ERC777 tokens, the hack was made possible because of the incompatibility between the Compound fork and these tokens.

Axie Infinity’s Ronin sidechain was attacked for $625 million in a previous assault on decentralised finance (DeFi) systems, making this the latest in a series of attacks. 

After a number of high-profile hacks on DeFi systems, several experts have called for an enhanced examination of smart contract programming.

Hackers Have Their Eyes on DeFi

The $625 million Ronin network attack by Axie Infinity was just a few days before the Ola Finance hack. Ronin has been hacked to the tune of 173,600 ETH and 25.5 million USDC, making it one of DeFi’s biggest ever hacks.

Since the Ola Finance hack, reentrancy attacks have been utilised in several high-profile breaches. A reentry fault and a flash loan vulnerability were used to steal over $11 million from Agave and Hundred Finance on March 16, according to FXEmpire.

DeFi thefts are becoming more widespread, despite the fact that Ola Finance’s intrusion is less than those previously reported.

***

Related Articles

Uganda’s Royal Family Lends its Support to the Cryptocurrency Revolution

Akansha Kesarwani

Kazakhstan president signs law increasing crypto miners’ tax burden

Mridul Srivastava

YouHolder, a Ledger Vault-secured Fintech platform, Adds 10 More Cryptocurrencies

Ahmad