Lodestar Finance, a lending protocol based on the Arbitrum blockchain, was exploited in a flash loan attack on December 10th, leading to the theft of over $5.8 million worth of GLP tokens.
Lodestar Finance Exploited for $5.8 Million
On December 10th, Lodestar Finance reported that an attacker had inflated the value of the plvGLP token on PlutusDAO (to 1.83) and then used that token to borrow the available supply of liquidity on the network.
Sponsored
Lodestar explained the hacker earned over $3 million from the “funds stolen on Lodestar – less the GLP they destroyed.” Even after the hack, there were “many plvGLP holders” who “also got 1.83 GLP per plvGLP.”
According to the report, the hacker cashed out about $5.8 million. However, the team has recovered $2.8 million of the GLP, which should be utilized to repay depositors following the hack.
A Wave of DeFi Hacks
Although PlutusDAO has explained that only Lodestar’s oracle implementation was responsible for the vulnerability, the attacks further increase the bounty cybercriminals have earned from decentralized finance.
In 2022, more than $4.5 billion was stolen from the DeFi sector through hacks. Last week a hacker netted $20 million from exploiting Ankr and stablecoin issuer Helio Protocol.
On the Flipside
- Lodestar Finance had asked the hacker to reach out to the dev team to find a white-hat agreement and move on with recovering users’ funds.
Why You Should Care
As the DeFi sector pushes towards mainstream adoption, security has been highlighted as a critical issue that must be resolved.
Find out about the biggest DeFi hacks in:
Top 5 Hacks That Rocked DeFi in 2022
Read about the future of DeFi in:
Can DeFi Replace Traditional Finance? Finance Experts Weigh In
