Another DeFi Protocol Experiences Hacker Exploits; Loses $3.7M

Ola Finance (a DeFi lending protocol) has acknowledged that it suffered from a hacker exploit on March 31, resulting in the loss of $3.7M worth of digital assets.

How The Attack Happened

A report by blockchain security firm (PeckShield) showed that the hacker exploited a bug in one of the protocol’s smart contracts to carry out the attack. The report came about because Ola Finance had sought the services of Peckshield in identifying the cause of the attack. This attack is the latest in a series of attacks affecting the DeFi sector.

Earlier in the week, another DeFi project (Axie Infinity’s Ronin blockchain) suffered an attack that resulted in the loss of $650m. Many industry watchers have described the attack on the Ronin network as one of the biggest in the DeFi sector’s short history. 

Even though the amount lost in this Ola Finance exploit was small compared to the amount lost in the Ronin network attack, it still shows investors’ willingness to invest in little-known projects. A DeFi llama data claimed that this attack was carefully planned towards the time of Ola Finance’s blockchain deployment across the Fuse network.

The fuse network is an EVM-compatible blockchain with about $13B in TVL before the attack. The first sign of the attack was some fund withdrawals through tornado cash. Criminals often use tornado cash to stash their stolen crypto because the platform allows them (and any other user) to transfer digital assets anonymously.

After completing the transfer to the Fuse network, the criminal used the funds as collateral and obtained loans through Ola’s decentralized lending protocol. Then, the attacker capitalized on the re-entrancy bug to withdraw the collateral without repaying the loan amount. The hacker repeated these steps severally across various Ola pools. After withdrawing all the funds, the hacker moved those funds to unidentified Ethereum and BNB chain wallets.

Consequently, Ola has temporarily suspended its services from the Fuse network. A tweet from the protocol’s official Twitter account states that it would soon release a detailed version of the hacker exploit. The tweet further states that its services on other blockchains will remain functional since they weren’t affected by this hacker exploit.

Similar Attacks And Solutions To Prevent A Recurrence

This Ola Finance re-entrancy attack isn’t the first to happen in recent times, and it isn’t the largest either. About fourteen days ago, two gnosis-built DeFi lending projects suffered re-entrancy attacks. Also, the 2016 DAO attack is a type of re-entrancy attack. It was so huge that an Ethereum network upgrade became necessary and was executed.

Crypto insurance is one of the proposed solutions to resolve this issue. Sadly, no DeFi project has taken the necessary steps to have this insurance despite the continued loss of investors’ funds. Smart contract insurance is the best option for these DeFi projects. Investors might need to start demanding it from DeFi projects seeking investors’ funds so that these DeFi projects can take crypto-insurance seriously.

Leave a Reply

Your email address will not be published.


What is Copy Trade and How It Works?

Copy Trade Intro Copy trade or copy trading is a type of trading in which one trader (the “follower”) automatically copies the trades of another trader (the “leader”). This is done through a copy trading platform, which connects the follower and leader and allows the follower to automatically copy the leader’s trades in real-time. How […]

Coins Capital Review, – Is Coins Capital Scam Or Legitimate?

Coins Capital Trading Platform Rating 4.3 Summary Read our Coins Capital review at FStar Capital Forex and Cryptocurrency Trading blog, find the answer to your question “is Coins Capital scam or legit” and much more! Coins Capital Review You have been thinking for a long time if trading is for you. You have finally […]

AI Center Indicts ChatGPT Developer of Trade Law Violations: Claims Bias & Deception

The organization alleges that the creator of ChatGPT has violated Section 5 of the Federal Trade Commission Act with the release of GPT-4. This section of the act prohibits any practices or acts considered deceptive or unfair and that affect commerce. CAIDP has complained to the US Federal Trade Commission, intending to prevent the distribution […]

Investors Excited As XRP Market Capitalization Hits $20 Billion

It’s been wide jubilation today after XRP investors heard the announcement that the market capitalization has surged to $20 billion. XRP: a cryptocurrency developed and managed by Ripple, a San Francisco, United States, distributed data company. It was gathered that the coin itself responded to this development through a climb in price – it was […]

GlobalTrades Review, – Is Global Trades Scam or a Good Broker?

GlobalTrades Trading Platform Rating 4.6 Summary Read our Global Trades review at FStar Capital Forex and Cryptocurrency Trading blog, find the answer to your question “is scam or legit” and much more! GlobalTrades Review As people look at cryptocurrencies and their immense success, they are eager to start their own trading businesses. While […]