The recent hack of DEUS Finance resulted in the theft of over $6 million worth of DEI stablecoin. The attack primarily targeted the Arbitrum network, where a loss of over $5 million occurred, and also impacted the BNB Smart Chain with a loss of $1.3 million
DEI suffers $6M loss in hacking incident
According to a report by PeckShield, a blockchain security firm, DEUS Finance experienced a hack that resulted in a loss of more than $6 million across two networks, BNB Chain and Arbitrum.
DEUS Finance has confirmed the hack and disclosed that they suffered a loss of $5 million on the Arbitrum network and $1.3 million on the BSC.
Hi @DeusDao: it appears to be a pubic burn vulnerability with loss > $1.3M alone at BSC. The ARB/ETH deployments are also affected.
The BSC hack was successfully frontrun by a bot: https://t.co/hXskQOIfwV
The DEI token @ BSC was upgraded on Apr-10-2023 https://t.co/QJHwnZaXMk pic.twitter.com/C51CnVsg1B
— PeckShield Inc. (@peckshield) May 5, 2023
PeckShield observed that the hack, carried out by a bot, also targeted the ARB/ETH deployments, resulting in a compromise.
White-hat hackers discovered a flaw in DEI’s smart contract, which enabled unauthorized minting of new DEI tokens. Exploiting this vulnerability, hackers attempted to drain DEI from the impacted networks.
For all white hackers that were able to rescue funds during the DEI exploit from today 05/05/2023
We are confirming 0x7f5ae1dc8d2b5d599409c57978d21cf596d37996
As a DEUS team owned multisig on Arbitrum.
Please get in touch with us if you have not already. https://t.co/7w5y6Nh2EM— DEUS (@DeusDao) May 5, 2023
The DEUS team expressed their gratitude for the swift response of the white-hat hackers and took immediate action by suspending the affected contracts to minimize losses. These contracts have now been permanently deactivated.
Is DEUS losing user trust?
DEUS has unfortunately been targeted by hackers in the past, with two previous incidents resulting in losses of $13.4 million and $3 million, respectively.
The hackers employed flash loans to exploit a vulnerability in DEUS’ smart contract data reading format, specifically within the liquidity pools of the platform. By inflating the value of certain assets, they were able to secure a loan and generate significant profits by repaying the loan.
By utilizing a flash loan, the attackers borrowed a substantial amount of $143 million and managed to generate a profit of $13.4 million. It is suspected that the protocol suffered even greater losses as a result of this incident.
The DEI stablecoin has faced significant challenges, including a loss in value and de-pegging. Following the hack, the stablecoin experienced a sharp decline, plummeting by 71% and reaching as low as $0.28. Additionally, in a separate incident last year, the coin dropped to $0.59 due to the direct impact of the LUNA-UST collapse.
The recent events have raised concerns about the security measures implemented by DEUS and their ability to safeguard users’ assets effectively.