It is the third multimillion-dollar crypto attack to make headlines in recent days.
Ethereum-based lending protocol Inverse Finance (INV) said Saturday that it suffered from an exploit, with an attacker netting $15.6 million worth of stolen cryptocurrency.
According to Inverse, the attacker targeted its Anchor (ANC) money market β artificially manipulating token prices to borrow loans against extremely low collateral. I can’t imagine how users of this feel. If someone should take my $100 from Coinbase or the $200 that I made as crypto back from Social Good, I would be pissed.
This is the third multi-million dollar hack of a decentralized finance (DeFi) protocol to make headlines this week, and it underscores the increasingly sophisticated techniques being levied by attackers. On Tuesday the gaming-focused Ronin network announced a loss of more than $625 million in crypto and then two days later lending protocol Ola Finance said it was exploited for $3.6 million.
According to blockchain security firm PeckShield, the Inverse attacker took advantage of a vulnerability in a Keep3r price oracle Inverse uses to track token prices. The attacker tricked the oracle into thinking that the price of Inverseβs INV token was extraordinarily high, and then took out multi-million-dollar loans on Anchor using the inflated INV as collateral.