• Tue. Apr 16th, 2024

Midas Capital’s DeFi Protocol Hacked Again

Avatar photo


Jul 13, 2023
Midas Capital's DeFi Protocol Hacked Again

Midas Capital, a decentralized finance (DeFi) platform, has taken the precautionary action of suspending all of its pools after an exploit was found within one of them. Although the project team has not provided detailed information on the stolen sum or the technical intricacies of the theft, PeckShield, a blockchain security firm, thinks that the thieves got away with more than $60,000.

On June 17, PeckShield stated in a tweet that the loan protocol, which was built on Compound Finance V2, had a rounding error that was the primary source of the vulnerability. The theft of the money has already started, with 510 BNB being transferred to the Tornado Cash cryptomixer by the attacker.

Notably, the Hundred Finance protocol was attacked in April, and the same weakness was used to get access to the system. This assault cost the hacker over $7 million since they were able to manipulate token values to empty credit pools.

Experts from Certik independently validated the Midas Capital vulnerability and found that flash credit was used in the attack.

Rampant DeFi Protocol Exploitation: Attackers Siphon Off $400 Million in 2023

This incident marks the second time that Midas Capital has fallen victim to hacking. In January 2023, the Jarvis Polygon pool was targeted in a flash-credit attack, resulting in the theft of approximately $660,000 worth of MATIC tokens.

The DeFi market continues to grapple with protocol exploits, resulting in significant financial losses for crypto projects. According to DeFillama, these exploits have led to a cumulative loss of around $400 million since the beginning of the year, with Atomic Wallet alone accounting for $100 million of that total.