Hundred Finance Warns Compound V2 Users After Hack
The protocol, which combines with Chainlink oracles to maintain market health and stability, reported on Saturday, April 15, through their official Twitter account that they had been hacked, with estimated damages at $7 million.
Estimated current loss is ~7m USD.
Once again we hope the hacker will reach out back to us and we will be able to find a joint solution to resolve this matter. 🙏
Thank you everyone for your support and help during these difficult times. ❤️ https://t.co/wLGAl4AAGA
— Hundred Finance (@HundredFinance) April 15, 2023
The protocol team said that it was compiling a post-mortem on how the incident occurred and encouraging people not to speculate until it issued an official statement.
Furthermore, Hundred Finance said that it is attempting to negotiate a stolen funds agreement with the hacker with the aim of retrieving part or all of the stolen monies. In a subsequent Twitter, the protocol said it was also discussing the situation with several security teams.
On Sunday, the protocol requested anyone affected by the hack who lives in the United States, notably New York, to contact Hundred Finance through Twitter or the chat app Discord. In addition, users of Compound V2 also need to pay attention because this is a common vulnerability.
If you are a Compound V2 fork and we or our frens are not in contact with you already, please reach out so we share the information on the hack since it is a general flaw in the code and not specific to Hundred deployment.
Thank you!
— Hundred Finance (@HundredFinance) April 16, 2023
CertiK, a blockchain security company, detailed the assault on Twitter, revealing how the hacker was able to walk away with $7.4 million in digital assets by manipulating the exchange rate between Ethereum ERC-20 and hTOKENS.
#CertiKSkynetAlert 🚨@HundredFinance has announced on their Twitter account that they have been hacked on Optimism. At time of writing, the scope of the incident is unclear. We will keep you updated as we learn more and investigate.
Stay safe out there! https://t.co/WTV0hjpT0Z
— CertiK Alert (@CertiKAlert) April 15, 2023
On Hundred Finance’s website, hTOKENS are used as interest-bearing, tokenized representations of user deposits that might vary in value based on the activity of other borrowers.
However, Hundred Finance has not been hacked for the first time. Hundred Finance and Agave were used in a reentry assault on Gnosis Chain in 2022. As a consequence, Hundred lost $6.5 million at the time, while the two platforms lost $11 million.
Many criminals have utilized flash loan attacks to target DeFi since the previous year.
Attacks on Euler Finance, with $196 million in damage, and Mango Markets, with $46 million in damage, are recent examples. Although Eulerwhile’s hacker refunded the majority of the cash, Mango’s thief was apprehended by US police.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
