Derivatives Platform Deus Finance Exploited for $3M on Fantom Network

Hackers manipulated a pricing mechanism to trick the protocol in a “flash loan” attack that led to loss of user funds, the security firm said.

AccessTimeIconMar 15, 2022 at 11:17 a.m. UTC
Updated Mar 15, 2022 at 2:54 p.m. UTC

Shaurya is an analyst/editor for CoinDesk's markets team in Asia.

Crypto derivatives platform Deus Finance was exploited for over $3 million worth of cryptocurrencies in early European hours on Tuesday, security firm PeckShield said in a tweet, adding that the overall losses could be much higher.

  • The attack on Deus Finance occurred on its Fantom network iteration. Deus Finance allows developers to build and issue financial instruments, such as derivatives or options, on its platform.
  • PeckShield said attackers manipulated prices on Deus’s offerings using a flash loan, a form of uncollateralized lending using smart contracts.
  • Hackers used flash loans to manipulate the contract that determined the price of DEI – one of the two tokens issued by Deus Finance – to falsely show that DEI had collapsed. This led to a loss of all funds of the users supplying liquidity to the DEI/USDC pool.
  • Blockchain data shows that over 3 million USDC tokens were stolen from Deus which was exchanged for 200,000 DAI and 1,101.8 ether (ETH) via decentralized exchange Multichain. The funds were then withdrawn to the privacy swap tool Tornado, which masks the addresses of the hacker and makes it difficult to tie stolen funds to their perpetrator.
  • Deus closed contracts affected by the attack and said its developers were working on a post-mortem report. Prices of Deus’s native DEUS token fell nearly 40% following reports of the hack but seemed to recover at the time of writing.
  • The attack comes days after Fantasm Finance, another Fantom-based protocol, was exploited for over $2.6 million, as reported.

DISCLOSURE

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

CoinDesk - Unknown

Shaurya is an analyst/editor for CoinDesk's markets team in Asia.

CoinDesk - Unknown

Shaurya is an analyst/editor for CoinDesk's markets team in Asia.