Recently, a new wave of attacks targeted the DeFi ecosystem, with the Exactly protocol compromised for almost $7.3 million, but Harbor’s team is currently assessing the amount stolen. According to blockchain security companies DeDotFi and PeckShield, two independent and ostensibly unconnected assaults recently compromised the DeFi protocols Exactly and Harbour.
According to on-chain data, 4,323.6 Ether, which at the time of writing was valued about $7.3 million, had been taken from the Exactly Protocol. The hackers then connected 1,490 ETH to the Ethereum network via the Across Protocol and 2,832.92 ETH via the Optimism Bridge. One of the cryptocurrency lenders on the Optimism network is called Exact. Initial reports mentioned that almost $12 million worth of ETH, or more than 7,160, had been stolen, but were then reduced to a smaller sum.
However, the attacker executed a malicious deposit function to steal assets placed by users, passing in a malicious market contract address to get around the permit check. There was a theft of about $7.3 million.
The protocol reported the attack to the police and is attempting to get in touch with the perpetrators to get the stolen property back, according to its team’s post on X (previously Twitter).
Another security problem was the interchain stablecoin protocol Harbour, which announced that it had been attacked and suffered the loss of money from its stable-mint, as well as from the stOSMO, LUNA, and WMATIC vaults. The total value of the stolen cryptocurrency is unknown as of this writing. According to reports, Harbour is attempting to track down funds and calculate the total damages.
The attacks come after a number of security problems that have occurred recently throughout the DeFi ecosystem. A bug in three versions of the Vyper programming language on July 30 led to the theft of approximately $61 million from Curve Finance’s stablecoin pools. In recent days, other protocols have also been exposed, like Earn Finance, as at least $287,000 worth of ETH was stolen, while Zunami Protocol lost $2.1 million due to another exploit.