On November 10th, the DeFi platform Raft experienced a complex security breach, leading to the unauthorized withdrawal of $3.3 million in Ethereum (ETH). The attack was primarily focused on Raft's stablecoin, R, causing its value to plummet by 70%.
PeckShield's investigation into the incident revealed that the attackers' attempt to exploit Raft's collateralized stablecoin system didn't go as planned. They created around $6.7 million in unbacked R stablecoin, suggesting a miscalculation in their strategy.
The attackers manipulated the rcbETH-c index, a key component in Raft's system, to mint $6.7 million in R and then produced more rcbETH-c to cover their tracks.
Blockchain analysis showed that the attackers extracted 1,577 ETH from Raft, of which 1,570 ETH was sent to a burn address, leaving only 7 ETH. Before the attack, they had mixed 18 ETH using the Tornado Cash service, likely to finance their activities. Despite the transaction costs, the attackers ended up with a net loss of 4 ETH.
Raft's R stablecoin, initially pegged at $1, saw a significant drop but later recovered to approximately 70 cents. David Garai, Raft's co-founder, reported the security breach on X (previously known as Twitter). He detailed how the attackers minted and sold R to deplete liquidity and then withdrew collateral.
Raft is a DeFi lending platform that issues the R stablecoin, backed by ETH liquid staking derivatives like Lido's stETH. This incident highlights the ongoing challenges and vulnerabilities in the rapidly evolving DeFi sector.
