A new DeFi exploit has hit the crypto community. The damage is estimated at $3.6 million. DForce, an ecosystem of DeFi protocols, was reportedly under a reentrancy attack on the Arbitrum and Optimism chains on Friday. The hack led to a damage of $3.6 million. DForce confirmed the exploit shortly after the incident and notified the dForce Vaults’ suspension. “wstETH/ETH Curve gauge vaults on Arbitrum & Optimism were exploited a few hours ago, and we immediately paused the dForce Vaults – other parts of the protocol remain intact and user funds are SAFE with dForce Lending,” according to an official announcement. According to the latest updates, the attack didn’t affect other vaults and dForce lending. DForce reported working with blockchain security company SlowMist to investigate the incident which further revealed reentrancy vulnerability as the cause. DForce also stated that it would offer a bounty to the attacker if he returned the funds. Technically explained, reentrancy attack refers to a vulnerability in smart contract that repeatedly invokes a smart contract function and triggers a series of funding withdrawals, leading to a severe damage. The root cause is still under investigation. The possibility is that the incident was linked to a bug on smart contract or a lack of proper security control. The first reentrancy attack happened in 2016. Hackers took over the control of the Decentralized Autonomous Organization (DAO) and extracted $50 million worth of Ether.
Full story : DForce DeFi Protocol Hacked For $3.6 Million.