Ethereum’s DeFi Protocol Inverse Finance hacked and millions of dollars stolen
On Saturday, Inverse Finance was hacked. The hacker has already transferred more than $14.6 million using Tornado Cash.
Another day, another DeFi security breach. Inverse Finance is the latest Ethereum protocol to be the victim of a multimillion-dollar hack.
Inverse Finance, a stablecoin system aimed at capital-efficient income production, was emptied early Saturday in an attack. PeckShield, one of the leading security analytics businesses in the cryptocurrency sector, informed the Inverse team to the attack through Twitter minutes after it happened.
PeckShield revealed in a series of tweets that the hacker inserted 901 Ethereum to the protocol and manipulated the price of Inverse’s INV token via an oracle manipulation flaw. They then borrowed assets and drained the protocol using INV as collateral. According to Etherscan data, the hacker extracted millions of dollars in YFI, WBTC, and Inverse’s own DOLA tokens from the system and then traded them for Ethereum via decentralized exchanges like Uniswap.
This hacker’s Ethereum wallet has already stolen 4,200 Ethereum worth about $14.6 million using the transaction mixer Tornado Cash in an attempt to conceal their tracks. At the time of publication, the wallet contained somewhat more than $250,000.
The Inverse team confirmed the attack in a tweet but has not yet issued a statement in its entirety. “We are handling the problem at the moment; please wait for an official statement,” the message said.
Contrary to popular belief, INV is presently holding its own in the market, bucking a pattern seen with the majority of other DeFi hacks. At publication time, it was up 5.9 percent to $402. This story is developing and will be updated as new information becomes available.