Arcadia Finance claimed the company is "investigating the root-cause with security experts."
Arcadia Finance, a non-custodial decentralized finance (DeFi) service operating on Ethereum and Optimism, has fallen victim to an almost $455,000 hack.
The news about the hack was first revealed by the blockchain investigator PeckShield on July 10th.
Did you know?
Want to get smarter & wealthier with crypto?
Subscribe - We publish new crypto explainer videos every week!
10 Biggest Crypto Scams & How to Avoid Them (ANIMATED)
According to the blockchain investigator, malicious actors exploited "the lack of untrusted input validation." In simpler terms, the protocol lacked a system to scrutinize unchecked entries, which the infiltrator leveraged to siphon off funds from Ethereum (darcWETH) and Optimism (darcUSDC) vaults.
While Arcadia Finance has remained silent about the reasons behind the incident, the protocol confirmed the hack about two hours after PeckShield's notification.
The company took to Twitter to note that they are currently "investigating the root-cause with security experts." On top of that, the message revealed that the protocol has "paused the contracts."
While investigations into the incident are still underway, another vulnerability could be detrimental to Arcadia Finance. As per PeckShield's warning:
In addition, there is a lack of reentrancy protection, which allows for the instant liquidation to bypass the internal vault health check.
Interestingly, the majority of the stolen funds, 180 Ether (ETH), originated from Optimism. It is worth noting that these funds were later laundered using sanctioned crypto mixer Tornado Cash. On the other hand, the funds stolen from the Ethereum network, currently valued at over $103,000, are yet to move from the suspected wallet address.
At the end of June, the Web3 portfolio app De.Fi shared a report noting that during the second quarter of 2023, the DeFi ecosystem lost over $200 million in various scams and hacks.
The Arcadia Finance hack underscores the critical need for robust security measures and constant vigilance in the crypto space to safeguard against potential breaches.
