The Ethereum decentralized finance (DeFi) protocol known as Hope Lend is now left with nearly no assets within its system following a severe security breach.
Multiple blockchain security firms have reported that on October 18th, two individuals were involved: one who outpaced the original hacker by discovering the vulnerability and another who was the original hacker. They collectively absconded with 526 Ether (ETH) from Hope Lend, which was valued at $825,357 at the time of this report. CertiK stated, "The successful attacker acquired 264 ETH and offered a 263 ETH incentive to an Ethereum validator."
However, Hope.money, the developer behind the DeFi protocol, has a differing account of the incident. In their statement on the matter, they allege that a lone hacker made off with 526 Ether from users' funds, giving a 263.91 ETH bribe to a validator purportedly controlled by Lido Finance, ultimately profiting 264.08 ETH.
Just two days earlier, the DeFi aggregator DeFiLlama had unveiled its plans to monitor Hope Lend's smart contracts for data curation. As of the current moment, Hope Lend's protocol appears to have been entirely depleted of assets. While the developers refrained from specifying the cause behind this incident, blockchain detective Spreek suggested that the breach "appears to be linked to WBTC [wrapped Bitcoin] decimals and rounding, resembling the recent Wise Lending hack."
Comments