• Language & Exchange Rate Switch
  • Preference Settings
    Rise/fall colour
    Start-End Time of the Change
Web3 Exchange
Gate Blog

Your Gateway to crypto news and insights

Gate.io Blog Deus Finance lost $3 million to a flash loan attack

Deus Finance lost $3 million to a flash loan attack

15 April 23:56


Tuesday, March 15, 2022, saw many tokens worth over 3 million dollars stolen from DEUS Finance.

The perpetrator hacked into the Oracle contract, distorted the pricing of the LP using flash loans, and took out DAI tokens from the platform.

DEUS Finance suffered a significant loss regarding the theft as their token, DEUS token, fell 40%. However, the token has recovered as necessary steps have been taken to calm users and investors and prevent another theft.

DEUS Finance Evolution is a marketplace for decentralized financial services. They provide the requisite infrastructure for users to build financial instruments such as futures trading, synthetic stock trading, and more.

The goal of DEUS Finance is to develop the next generation of asset tokenization. The company aims to enable users to secure the transfer of any digitally verifiable asset onto the blockchain.

Trading real-world assets and derivatives, such as stocks and commodities, on Ethereum, could be enabled through DEUS asset tokenization.



Image source: Pixabay.com


The attack



On Tuesday, March 15th, 2022, security firm PeckShield reported that Deus Finance was exploited for over $3 million worth of cryptocurrencies. The loss could be significantly higher, PeckShield said. The attack was on the crypto derivative platform of Deus Finance, its Fantom network iteration to be precise.

Deus Finance allows users and developers to build financial instruments on its platforms. The attack was based on these advantages, creating a loophole in the system.

PeckShield claims attackers manipulated the price of Deus's offerings. "Devs are fully aware of the situation and funds are safe. The issue is with the borrowing feature. In the Oracle contract (which was not the Muon oracle), the exploiter used flash loans (A flash loan is an uncollateralized loan that is created by smart contracts) to rig the LP pricing," the report explained. The result was the loss of all users' funds providing liquidity to the DAI/USDC pool.

The Blockchain data reports a large pool of over 3 million USDC worth of tokens stolen from Deus. The tokens were then exchanged for 200,000 DAI coins and 1,101.8 ETH. This transaction was performed on Multichain. According to PeckShield, the perpetrator sent the funds via Multichain (previously Anyswap) to the cryptocurrency mixer TornadoCash.This swap platform protects the identity and address of the hacker. Thus, it is hard to tie the theft to a specific individual.



Response from Deus Finance



Developers at Deus said they were working on a post-mortem report for contracts affected by the attack. After reports of the hack, Deus' native DEUS tokens fell almost 40%. The coin also suffered a 44% slump in price as compared to its pair, Fantom (FTM) - Fantom has the largest trading volume. However, the price of DEUS has improved with a significant 20% rise at the time of writing.

Deus Finance has issued a statement explaining the theft's context and assuring its users that such exploitations will no longer happen. There are also increased developments from the developers' team to ensure that other available options on the platforms are safe and secure.



Author: Gate.io Observer: M. Olatunji
Disclaimer:
* This article represents only the views of the observers and does not constitute any investment suggestions.
*Gate.io reserves all rights to this article. Reposting of the article will be permitted provided Gate.io is referenced. In all other cases, legal action will be taken due to copyright infringement.

ETH/USDT -0.83%
BTC/USDT -0.46%
GT/USDT -3.75%
DAI/USDT + 0.02%
Unbox Your Luck and Get a $6666 Prize
Register Now
Claim 20 Points now
New User Exclusive: complete 2 steps to claim Points immediately!

🔑 Register an account with Gate.io

👨‍💼 Complete KYC within 24 hours

🎁 Claim Points Rewards

Claim now
Language and Region
Exchange Rate
Go to Gate.TR?
Gate.TR is online now.
You can click and go to Gate.TR or stay at Gate.io.