Inverse Finance DeFi Lender was hacked for about $15.6 million

It's the third multimillion-dollar cryptocurrency attack to hit the news in the last few days.



Inverse Finance (INV), an Ethereum-based lending system, announced on Saturday that it had been hacked and that an attacker had made off with $15.6 million in cryptocurrencies.


According to Inverse, the attacker went after the Anchor (ANC) money market, intentionally manipulating token prices in order to borrow money with very little collateral.



This is the third multimillion-dollar hack of a decentralized finance (DeFi) system to hit the news this week, highlighting attackers' increasingly sophisticated tactics.


On Tuesday, the gaming-focused Ronin network reported a crypto loss of more than $625 million, and two days later, lending protocol Ola Finance revealed that it had been hacked for $3.6 million.


The Inverse attacker took advantage of a vulnerability in a Keep3r price oracle that Inverse uses to track token prices, according to blockchain security firm PeckShield.



The attacker deceived the oracle into believing Inverse's INV token was extremely valuable, then borrowed millions of dollars from Anchor using the inflated INV as collateral.


The hack was well-funded; to carry it off, the attacker first withdrew 901 ETH (about $3 million) from Tornado Cash, a cryptocurrency mixer that allows users to send money without leaving a trail.


The mysterious funds were subsequently pumped into multiple trading pairs on the decentralized exchange SushiSwap, increasing the price of INV as seen by the Keep3r price oracle.


The attacker then took out INV-backed loans on Anchor once the price of INV had risen sufficiently, before arbitrageurs pushed the price of INV back down to normal levels.


The attack was high-risk, according to a PeckShield official, because the $3 million worth of crypto used to deceive the pricing oracle would have been completely lost if the price of INV had returned to normal levels before the attacker took out the loans.
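The mechanism described above can be reproduced in a small model to show why a lending market should not value collateral from a freshly moved exchange price. This is an added example, not code from Inverse, Keep3r or PeckShield; the pool sizes, the window lengths and the 20 percent deviation threshold are constructed assumptions, since the article does not give the oracle's parameters.

```python
from statistics import median

class Pool:
    """Constant-product (x * y = k) pool: collateral token vs ETH. Constructed model."""
    def __init__(self, token, eth):
        self.token, self.eth = token, eth

    def price(self):
        return self.eth / self.token          # ETH per token, the spot price

    def buy_token(self, eth_in):
        k = self.token * self.eth             # invariant before the trade
        self.eth += eth_in
        self.token = k / self.eth             # tokens left after the buy

def guarded_price(samples, short_n=1, long_n=30, max_dev=0.20):
    """Return (price, ok) for collateral valuation.

    short_n, long_n and max_dev are assumed parameters, not values from the article.
    ok is False when the short-window mean strays more than max_dev from the
    long-window median; the returned price is the lower of the two.
    """
    short = sum(samples[-short_n:]) / len(samples[-short_n:])
    ref = median(samples[-long_n:])
    ok = abs(short - ref) / ref <= max_dev
    return min(short, ref), ok

def simulate(eth_in=300.0, collateral_tokens=100.0, collateral_factor=0.5):
    pool = Pool(token=1_000.0, eth=100.0)         # constructed thin pool, 0.1 ETH/token
    samples = [pool.price() for _ in range(30)]   # 30 quiet observations
    pool.buy_token(eth_in)                        # one large buy moves the spot price
    samples.append(pool.price())
    naive = samples[-1]                           # oracle that trusts the latest sample
    safe, ok = guarded_price(samples)
    return {
        "naive_price": naive,
        "guarded_price": safe,
        "accept_new_borrows": ok,
        "naive_borrow_limit": collateral_tokens * naive * collateral_factor,
        "guarded_borrow_limit": collateral_tokens * safe * collateral_factor,
    }

if __name__ == "__main__":
    for key, value in simulate().items():
        print(f"{key}: {value}")
```

In this model the same collateral supports a borrow limit sixteen times larger under the single-sample price than under the guarded one, and the guard also signals that new borrows should be paused until the two windows agree again.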


The attacker made off with 1,588 ETH, 94 WBTC, 39 YFI, and 3,999,669 DOLA in total. Most of the funds have been cycled back through Tornado Cash, making it difficult to predict where they will wind up, although 73.5 ETH (about $250,000) remains in the attacker's initial Ethereum wallet.


Inverse said that all borrowing on Anchor has been temporarily halted. Aside from this, a representative said that the protocol is working with Chainlink to establish a new INV oracle.


Inverse also said it will make a proposal to its decentralized autonomous organization (DAO) to "guarantee all wallets impacted by the price manipulation are compensated 100 percent," though it did not elaborate.