Ola Finance, a decentralized lending platform, lost $3.6 million in cryptocurrencies to a hacker who utilized a Re-Entrancy attack to drain funds from the protocol.
PeckShield, a notable blockchain security company, investigated the attack and concluded that the hacker exploited a Re-Entrancy bug and hacked the smart contracts that govern Ola Finance.
This attack comes just days after the Ronin network, the chain hosting the popular Play-to-Earn game, Axie Infinity, was compromised and lost $625 million. These attacks have highlighted the security challenges facing the blockchain ecosystem.
Ola Finance disclosed that the official report on the attack, co-prepared with PeckShield, would be made public.
“We will soon be publishing an official report detailing the exploit that occurred on the @voltfinance Lending Network and the plan for recourse.
Thank you to @peckshield for providing swift coverage and helping us analyze the root of the exploit.”
The hacker was able to withdraw cryptocurrencies via Tornado Cash, which is designed to add anonymity to transactions. Funds were transferred to the Fuse network allowing them to take out loans and use the crypto as collateral on Ola Finance. Exploiting the re-entrancy bug, the hacker withdrew their collateral and did not repay the loans.
This was done on multiple pools in Ola Finance on different occasions. The stolen cryptocurrencies were subsequently transferred to Ether and BNB Chain-related wallets.
Ola Finance’s services on Fuse Network have currently been suspended.
If you would like to read more news articles like this, follow DeFi Planet on Twitter, LinkedIn, Instagram and Facebook.
