In a recent incident, a hacker exploited a code vulnerability in the noncustodial decentralized finance (DeFi) protocol Arcadia Finance, draining approximately $455,000 from the platform.
PeckShield, a blockchain investigator, identified the cause of the hack as the absence of untrusted input validation in the code.
The hacker took advantage of this vulnerability, which allowed them to siphon funds from the Ethereum (darcWETH) and Optimism (darcUSDC) vaults.
READ MORE: Digital Currency Group Dismisses Gemini Lawsuit as “Publicity Stunt” by Winklevoss Twins
Arcadia Finance has not yet provided a comment on the hack in response to inquiries made by Cointelegraph.
However, the team did mention that PeckShield’s assessment of the root cause was incorrect.
Nevertheless, Arcadia Finance acknowledged the hack and took immediate action by pausing the contracts to prevent further loss of funds.
While investigations are ongoing, it has been discovered that Arcadia’s code contains another vulnerability that could potentially have catastrophic consequences if exploited.
PeckShield revealed that there is a lack of reentrancy protection, which enables instant liquidation to bypass the internal vault health check.
The majority of the stolen funds, approximately 180 Ether (ETH) equivalent to $1,864 at the time, were from Optimism and have been laundered through Tornado Cash.
However, the stolen tokens on the Ethereum network, valued at over $103,000, are still held in the suspected wallet address.
In the second quarter of 2023, the crypto space experienced a series of hacks and exploits, resulting in a cumulative loss of more than $300 million.
CertiK, a blockchain security company, reported a total of 212 security incidents during this period, which led to a loss of $313,566,528 from various Web3 protocols.
Comparing the data with the same period in the previous year, CertiK observed a decline of 58% in crypto hacks. Among the incidents, the BNB Smart Chain had the highest number, with 119 recorded cases amounting to losses of $70,711,385.
To commemorate this significant moment in history and show support for independent journalism in the crypto space, readers have the opportunity to collect this article as an NFT (Non-Fungible Token).