May 23, 2024
Latest Cryptocurrency News

DeFi App Steadefi Suffers $334,000 Exploit; Funds “Currently at Risk”

The DeFi application Steadefi fell victim to an ongoing cyber-attack on August 7, resulting in a loss of at least $334,000. The development team acknowledged the severity of the situation, indicating that all funds are currently exposed to risk through a social media post. According to DeFiLama’s data, the total value locked (TVL) in the app has significantly decreased due to the attack.

On Twitter, the Steadefi team issued a notice stating, “NOTICE: Steadefi has been exploited and all funds are currently at risk.” They also confirmed their attempt to communicate with the attacker by sending an on-chain message to the Ethereum address 0x9cf71F2ff126B9743319B60d2D873F0E508810dc. Blockchain data revealed that several substantial inflows were directed to this address on the Avalanche chain, commencing at 4:41 p.m. UTC.

Within the same Twitter thread, the company provided a comprehensive overview of the exploit, disclosing that the protocol deployer wallet which serves as the owner of all vaults within the protocol had been compromised. The attacker transferred ownership of all lending and strategy vaults to their controlled wallet, subsequently performing various owner-only actions. This included permitting any wallet to borrow funds from the lending vaults.

Currently, the exploiter has drained all available lending capacity on both Arbitrum and Avalanche chains, converting assets to ETH and transferring them to Ethereum. Fortunately, the depositor vaults have not been drained thus far, as the exploiter lacks an owner-only function to withdraw deposits from those vaults.

For users with assets in the strategy vaults, there might still be a possibility to withdraw them, assuming the exploiter has not paused the vaults. However, the exploiter has halted the farms contract, preventing users from withdrawing their svTokens or ibTokens deposited in the farms. Despite this, the exploiter is also unable to withdraw these assets.

Steadefi’s development team is actively dealing with the situation and attempting to mitigate further damage caused by the attack.

Image By vecstock

Related posts

Pink Drainer’s Latest Coup: $4.4M Stolen in Singular Heist

Christian Green

TikTok Implements Auto-Labeling for AI-Generated Content

Content Team

German Regulator Calls for Global Crypto Regulations in Niche Hubs

Kevin Wilson

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Please enter CoinGecko Free Api Key to get this plugin works.