Share this article
Another day, another DeFi hack. Inverse Finance is the latest Ethereum protocol to suffer a multi-million dollar exploit.
Inverse Finance Suffers Multi-Million Dollar Hack
Ethereum’s DeFi ecosystem has suffered another major hack.
Inverse Finance, a stablecoin protocol that focuses on capital efficient yield generation, was drained in an exploit early Saturday. PeckShield, one of the crypto industry’s top security analytics companies, alerted the Inverse team to the hack on Twitter minutes after the exploit occurred.
PeckShield explained in a series of tweets that the hacker deposited 901 Ethereum to the protocol and used an oracle manipulation bug to manipulate the price of Inverse’s INV token. They then used INV as collateral to borrow assets and drain the protocol. Etherscan data shows that the hacker drained millions of dollars in YFI, WBTC, and Inverse’s own DOLA token from the protocol and then used decentralized exchanges such as Uniswap to trade the assets for Ethereum. This Ethereum wallet connected to the hacker has already siphoned 4,200 Ethereum worth around $14.6 million through the transaction mixer Tornado Cash in a bid to cover their traces. The wallet contains just over $250,000 at press time.
The Inverse team acknowledged the hack in a tweet, but has not yet shared a full statement. “We are currently addressing the situation please wait for an official announcement,” the post read.
Interestingly, defying a trend that happens with most other DeFi hacks, INV is currently holding up in the market. It’s up 5.9% at press time, trading at $402.
Update: The Inverse team has paused future borrows on its Anchor platform and said that it will be submitting a governance proposal to ensure that affected users are fully reimbursed. “The plan to be proposed to governance is to ensure all wallets impacted by the price manipulation are repaid 100%,” a tweet read. It’s also offering the hacker “a generous bounty” for the safe return of the funds.
This morning Inverse Finance’s money market, Anchor, was subject to a capital-intensive manipulation of the INV/ETH price oracle on Sushiswap, resulting in a sharp rise in the price of INV which subsequently enabled the attacker to borrow $15.6 million in DOLA, ETH, WBTC, & YFI
— Inverse+ (@InverseFinance) April 2, 2022
INV has plummeted in the hours since the hack. It’s down 17.1% on the day, trading at about $314 at press time.
This story is developing and will be updated as more details emerge.
Disclosure: At the time of writing, the author of this piece owned ETH, INV, and several other cryptocurrencies. They also had exposure to UNI and YFI in a cryptocurrency index.
NFT Express: Your on-ramp to the world of NFTs
At Tatum, we’ve already made it super easy to create your own NFTs on multiple blockchains without having to learn Solidity or create your own smart contracts. Anyone can deploy…
Bored Ape Yacht Club Discord Server Hacked After Ticket Tool Exploit
Several Discord servers, including that of the Bored Ape Yacht Club, have been compromised. Hackers appear to have exploited a recent Ticket Tool Discord bot update to post phishing links…
Millions Lost as Solana DeFi App cashio Suffers Hack
The Solana stablecoin protocol cashio has suffered an exploit leading to a complete collapse of its flagship stablecoin, CASH. cashio Hacked for Millions cashio, a stablecoin protocol on Solana, has…