Rodeo Finance Exploited Again: $1.53 Million Loss
Rodeo Finance, a decentralized finance (DeFi) protocol built on Arbitrum, has suffered yet another exploit, resulting in a loss of $1.53 million in Ethereum. This incident highlights the growing security challenges faced by DeFi platforms.
Key Points:
– Exploit Details: The attacker exploited a code vulnerability in Rodeo’s Oracle, using a key function to drain funds from the platform’s USDC pool. They manipulated the Oracle to force a swap and siphon off 290 WETH, which was later bridged to the Ethereum network.
– Oracle Manipulation: The attacker took advantage of the vulnerability to convert WETH to unshETH at an unfair rate. They then returned to the Ethereum network, draining an additional 230 WETH from the Rodeo vault.
– Masking Tracks: Before leaving, the attacker sent 150 ETH into Tornado Cash to conceal their activities. The remaining 371 ETH was left in the wallet.
– Repeating Exploits: This is the second security breach Rodeo Finance has experienced within a week. The previous exploit resulted in a loss of approximately $89,000. The Arbitrum network has witnessed 21 exploits in 2023, totaling over $20 million in losses.
– Impact: Following the exploit, Rodeo Finance’s total value locked (TVL) dropped below $500 from an initial $20 million. The native token’s price also plummeted by over 53% in the last 24 hours.
Hot Take: The repeated exploits on Rodeo Finance and the broader security issues in the Arbitrum network highlight the urgent need for improved security measures in DeFi protocols. Investors and users should exercise caution and conduct thorough due diligence before participating in such platforms.
By
By
By
By