{"id":59539,"date":"2022-04-03T10:20:31","date_gmt":"2022-04-03T07:20:31","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=59539"},"modified":"2025-09-04T22:24:26","modified_gmt":"2025-09-04T19:24:26","slug":"hackers-stole-more-than-15-million-in-attack-on-inverse-finance-lending-project","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/hackers-stole-more-than-15-million-in-attack-on-inverse-finance-lending-project\/","title":{"rendered":"Hackers stole more than $15 million in attack on Inverse Finance lending project"},"content":{"rendered":"<p>On April 2, the lending project Inverse Finance reported a hacking attack in which assets worth $15.6 million were stolen. The protocol team pledged to reimburse users&#8217; losses.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">This morning Inverse Finance\u2019s money market, Anchor, was subject to a capital-intensive manipulation of the INV\/ETH price oracle on Sushiswap, resulting in a sharp rise in the price of INV which subsequently enabled the attacker to borrow $15.6 million in DOLA, ETH, WBTC, &#038; YFI<\/p>\n<p>\u2014 Inverse+ (@InverseFinance) <a href=\"https:\/\/twitter.com\/InverseFinance\/status\/1510282040809299972?ref_src=twsrc%5Etfw\">April 2, 2022<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cThis morning, one of Inverse Finance&#8217;s markets, Anchor, was subjected to a capital-intensive manipulation of the INV\/ETH price oracle on SushiSwap, which led to a sharp rise in INV quotes. This allowed the attacker to borrow $15.6 million in DOLA, ETH, WBTC and YFI,\u201d the project team wrote.<\/p>\n<\/blockquote>\n<p>According to PeckShield, the attacker exploited a vulnerability in the <a href=\"https:\/\/andrecronje.medium.com\/keep3r-v2-oracles-8895f107561b\">Keep3r price oracle<\/a>, which Inverse Finance uses to track token prices. The exploit allowed the hacker to \u201ctrick\u201d the protocol \u2014 he inflated INV quotes and used the asset as collateral on the Anchor Protocol market.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">2\/ The hack is made possible due to the price oracle manipulation bug so that when the INV (with highly manipulated price) is used as collateral to drain assets from <a href=\"https:\/\/twitter.com\/InverseFinance?ref_src=twsrc%5Etfw\">@InverseFinance<\/a>. <a href=\"https:\/\/t.co\/hDQG55XU5f\">pic.twitter.com\/hDQG55XU5f<\/a><\/p>\n<p>\u2014 PeckShield Inc. (@peckshield) <a href=\"https:\/\/twitter.com\/peckshield\/status\/1510234162183041024?ref_src=twsrc%5Etfw\">April 2, 2022<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The attacker needed to deposit 901 ETH (over $3.15 million) to carry out the attack. The funds came from the Tornado Cash mixer. The attacker also transferred most of the stolen assets to the service&#8217;s address.<\/p>\n<p>As of writing, the hacker&#8217;s address at <a href=\"https:\/\/etherscan.io\/address\/0x8b4c1083cd6aef062298e1fa900df9832c8351b3\">0x8b4c1083cd6aef062298e1fa900df9832c8351b3<\/a> is nearly drained.<\/p>\n<p>The Inverse Finance team suspended all lending operations on the Anchor Protocol market. The developers have contacted the hacker requesting the return of the stolen assets for a reward.<\/p>\n<p>One proposal to reimburse losses to affected users will be brought before the project\u2019s decentralized autonomous organization (DAO) for consideration.<\/p>\n<p>In March 2022, <a href=\"https:\/\/forklog.com\/en\/news\/ronin-the-ethereum-sidechain-hacked-attacker-siphons-625-million\">hackers attacked the Ronin sidechain of the Axie Infinity blockchain game<\/a>. The attackers withdrew assets worth $625 million.<\/p>\n<p>Read ForkLog&#8217;s Bitcoin news on our Telegram \u2014 cryptocurrency news, prices and analytics.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>On April 2, the Inverse Finance lending project reported a hacking attack in which assets worth $15.6 million were stolen. The protocol team pledged to reimburse users&#8217; losses.<\/p>\n","protected":false},"author":1,"featured_media":59540,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1301,1154,1093],"class_list":["post-59539","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-blockchain-vulnerabilities","tag-crimes","tag-defi"],"aioseo_notices":[],"amp_enabled":true,"views":"50","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/59539","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=59539"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/59539\/revisions"}],"predecessor-version":[{"id":59541,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/59539\/revisions\/59541"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/59540"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=59539"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=59539"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=59539"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}