Latest DeFi Exploit: Visor Finance Hacked For $8M

The active liquidity management protocol Visor Finance became the latest decentralized finance (DeFi) exploit victim this week.

DeFi Hacked in 2021, Visor Finance hacked
DeFi Hacked | Image: Optimisus

The Visor Finance team announced the incident in a tweet on December 21, saying that the staking contract had been exploited and user funds would be replaced.

In addition, the team said that it will be implementing a token migration as per a snapshot before the exploit.

According to Visor Finance, a malicious smart contract drained the protocol’s staking contract of 8,812,958 VISR tokens. At the time that the attack happened, this was valued at about $8.1 million.

Based on reports, a flaw in the staking contract allowed a user-created contract to change the transaction function and remove the funds from the staking pool. Although the incident already happened, Visor Finance noted that its current audits are in process and a new contract will be written.

"We are engaged with both Quantstamp and ConsenSys Diligence for December and January audits and this new staking contract will be included."

Furthermore, the firm emphasizes that it will launch a new token to replace the old VISR token ticker symbol with the new one.

Aside from this, the team noted that this has already started and users will get rewarded 1:1 with the new token which it has already began listing.

Based on the blog post, the team noted, “No one should buy VISR as it will not be redeemable for the new token.”