Sentiment Lost Close to $1M in DeFi Reentrancy Attack

DeFi lending platform Sentiment suffered a reentrancy attack on April 4, with the attacker stealing somewhere close to $1 million. The team has since issued a fix.

The DeFi market continues to be a major target for hackers, and Sentiment has become the latest victim. On April 4, the platform lost nearly $1 million in a reentrancy attack.

Sentiment Attacked Suffers Reentrancy Attack

The team acknowledged that the attack had taken place, with them becoming “aware of abnormal borrowing activity, which has now been declared as a malicious exploit.” The team paused the main contract to deal with the situation, restricting functionality to withdraw-only.

Third-party security auditors have helped the team implement a fix for the problem, which will please users. This means that users can repay debts and unwind their positions. Additionally, the team is also working with law enforcement and others to identify the hacker and recover the funds.

Sentiment was exploited for the funds on Arbitrum. While the exact figure is unclear, it appears that the total sum is closer to $1 million.

There have been analyses of the attack, with the attack method being that the hacker “used view re-entrance Balancer bug to execute malicious code before pool balances were updated and steal money using overpriced collateral.”

Euler Finance and Allbridge Victims of DeFi Attacks

There have been a fair few attacks in the DeFi space in the past few months. The space has had a rough start in 2023. Most recently, Euler Finance saw about $200 million stolen. However, in an unusual development, the hacker apologized and returned the funds after a negotiation with the team.

Allbridge was another notable victim of an attack, with the cross-chain protocol losing about $570,000 in early April. The exploit was related to a possible manipulation of a swap-related formula. The hacker did receive a bounty after he returned some funds.

DeFi Platforms Lost Over $200M in March

In total, the DeFi market lost over $200 million in March. That was mainly because Euler saw a large sum stolen, but the threat of attacks remains. February was a much smaller amount, with the total sum lost being about $21 million.

DeFi hacks, including reentrancy attacks, in 2023: DefiLlama
DeFi Hacks in 2023: DefiLlama

Going forward, crypto projects will want to be careful about the security of their platforms. As regulation becomes increasingly important, teams will want to ensure that investors are protected.

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content.

Source: https://beincrypto.com/defi-lending-platform-sentiment-loses-1m-exploit/