In another instance of the decentralized finance (DeFi) protocol bridge being exploited by hackers, the Optimism network’s credit market was targeted. The project has announced an investigation into a security issue and temporarily halted its protocol while allowing users to withdraw their assets.
Security firms PeckShield and De.Fi has confirmed an ongoing attack. The hackers managed to exploit a weakness in Exactly’s smart contracts, resulting in the theft of 4,323.6 Ethereum, equivalent to $7.2 million. Initially, there was a suspicion of around $12 million being stolen, but this was later revised.
Exactly was holding over $36 million in total value locked (TVL) before the hack, but this has now dropped to $10 million, according to DeFi Llama data. Despite this, the majority of these types of attacks are in the DeFi sector.
These kinds of exploits are becoming more frequent in the DeFi space, which seeks to replace traditional financial services with blockchain-based alternatives like lending and borrowing. Protocols like Exactly, while innovative, can have vulnerabilities due to their experimental nature. The past year saw a significant increase in hacks within the crypto space, particularly in the DeFi realm.
Bridges, which are protocols enabling the exchange of different cryptocurrencies across various blockchains, are especially easy to hack. This is partly because of the large amount of funds involved—tokens are locked in smart contracts during the process, and bridges introduce an additional potential point of attack that might not be as precisely tested as the blockchains they connect.
Earlier Todayq News reported that the Ethereum community has proposed an idea to enhance the security of decentralized finance (DeFi). Given the observed majority of exploitation in the DeFi realm, the community introduced the ERC 7265 protocol to address security concerns on DeFi platforms and safeguard investor funds.
This recent protocol introduces a crucial “circuit breaker” feature to DeFi smart contracts, which can be triggered in the event of a potential security breach. This mechanism promptly halts token transfers to prevent further harm.
However, the DeFi platform has not yet derived benefits from the ERC 7265 protocol, as the industry suffered significant losses of approximately $390 million in July due to security breaches on platforms like Arcadia Finance, Curve Finance, Multichain, and others.
The majority of these incidents occurred on the Ethereum blockchain, resulting in an aggregate loss of $350 million across 36 separate attacks. Notably, Multichain experienced the largest individual loss of $231 million due to a security loophole. Modifications to ERC 7265 may be anticipated in the future, as it has not performed as expected.