šŸšØ Time is Running Out: Reserve Your Spot in the Lucky Draw & Claim Rewards! START NOW

Rodeo Finance Suffers $1.5 Million Loss due to Oracle Code Vulnerability

Rodeo Finance Suffers $1.5 Million Loss due to Oracle Code Vulnerability

After the exploit, the wallet linked to the malicious actor held over 370 ETH.

On July 11th, Rodeo Finance, a decentralized finance (DeFi) protocol operating on the Arbitrum platform, fell victim to an exploit, incurring a loss of $1.53 million.

This incident was facilitated through an exploit involving a code vulnerability in the protocol's Oracle, leading to a significant loss of more than 810 Ether (ETH).

What is Balancer in Crypto? Beginner Friendly BAL Explainer

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

Insights from the blockchain analytics company PeckShield shed light on the attacker's strategy. After exploiting Rodeo Finance, the hacker transferred funds from Arbitrum to Ethereum, swapping 285 ETH for unshETH.

Following this move, they staked the ETH on Eth2. Their final maneuver was to route the stolen ETH via the widely-used mixer service Tornado Cash.

The hacker utilized a sophisticated technique known as time-weighted average price oracle manipulation. DeFi protocols commonly use this method to determine the average asset price over a specific period, helping to mitigate potential volatility in the market.

However, this method can be manipulated by crafty attackers. By manipulating the calculated average price, they can exploit the protocol during a transaction. Essentially, they first borrow a large amount of assets, then abused the price to purchase the same asset at a deflated price. After returning the loan, the hacker can profit from the exploited low price.

As per Etherscan, the hacker's wallet address, linked to the Rodeo exploit, holds more than 374 ETH. In the aftermath of the exploit, the total value locked (TVL) in the DeFi protocol plummeted from $20 million to less than $500.

Furthermore, the native token's price suffered a steep 53% decline within 24 hours.

The year 2023 has seen a worrisome number of incidents on the Arbitrum Network. With 21 recorded exploits, losses exceed $20 million. This latest exploit of $1.53 million ranks as the fifth largest on Arbitrum in 2023.

Gile K. , Market Sentiment Analyst
Gile is a Market Sentiment Analyst who understands what public events may form what emotions. Her experience researching Web3 news and public market messages – including cryptocurrency news reports, PRs, and social network streams – is critical to her role in helping lead the Crypto News Editorial Team.
As an intelligent professional in public relations, together with the team, she aims to determine real VS fake news patterns, and bring her findings to anyone searching for unbiased news and events happening in the FinTech markets. Her expertise is uncovering the latest trustworthy & informative Web3 announcements to the masses.
When she's not researching the trustworthiness of mainstream stories, she spends time enjoying her terrace view and taking meticulous care of her outdoor environment.

Loading...
binance
×
Verified

$600 WELCOME BONUS

Earn Huge Exclusive Binance Learners Rewards
5.0 Rating