- Sturdy Finance has been exploited by an unknown hacker who manipulated a faulty price oracle.
- The platform experienced a loss of 442 ETHs, accounting for an amount of $800,000.
- According to Sturdy Finance’s tweet, the platform suspended trading to avoid further losses.
The DeFi lending protocol Sturdy Finance was attacked today causing a loss of 442 Ether, accounting for an amount of almost $800,000. As per reports, the security attack was executed by an unidentified hacker who misused the re-entrancy vulnerability to manipulate a faulty price oracle.
The blockchain analytics firm PeckShield, took to Twitter earlier today to announce the exploitation that Sturdy Finance has faced.
According to PeckShield’s analysis, Sturdy Finance’s exploitation hasn’t shown any signs of a security breach or a smart contract hack, but “the issue seems to be related to the price manipulation.” The analyst also revealed the hacker’s address, pointing out that the exploiter has already moved 442.6 ETH to the decentralized crypto tumbler Tornado Cash, following which the details were obscured using the Tornado Cash mixer.
Sturdy Finance, acknowledging the issue, responded immediately by suspending its trading services to avoid any further losses.
The platform affirmed that “no additional funds are at risk,” adding that more information regarding the matter would be updated once the issue is cleared. The team also consoled its community and reassured them that no immediate actions are required from the customers.
According to the security firm BlockSec, the root cause is due to the typical Balancer’s read-only re-entrancy, while the price of B-stETH-STABLE was manipulated. BlockSec asserted that the attacker was able to steal the ETHs by the manipulation of price.
A recent analysis by DeFi REKT Database stated, so far, the month has witnessed almost 9 DeFi attacks, out of which the most severe was the Atomic Wallet exploit on June 4. The multicurrency wallet has been victimized by one of the largest crypto exploits that ever happened, resulting in a loss exceeding $35 million.
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.
