- Raft Defi platform has suffered a loss of $3 million amid the depeg of its stablecoin.
- The platform’s response and the Defi landscape.
Raft, a decentralized finance (DeFi) platform, was recently attacked in a hack, resulting in the theft of around $3.3 million in ether (ETH) on a Friday afternoon. According to on-chain evidence, the attacker stole 1,577 ETH from Raft.
The Raft protocol recently experienced a complex security incident that resulted in the minting of ~$6.7M unbacked R.
The hacker subsequently sold R, affecting R’s price.https://t.co/WvVjyVUHh3
— Raft (@raft_fi) November 11, 2023
However, the attacker’s theft attempt may have failed, resulting in an unexpected net loss.
Hackers Stole 1,577 Ethereum From the Raft Defi platform
The attackers transmitted 1,570 ETH to a burn address, thereby erasing the majority of the stolen funds and leaving them with only 7 ETH. Notably, the hacker’s address had received 18 ETH via the Tornado Cash crypto mixer service before the attack, probably for funding transactions.
The exploiter’s crypto wallet was left with only 14 ETH after completing the transfers and covering blockchain costs, indicating a 4 ETH loss on the entire operation.
Meanwhile, Raft’s R dollar-pegged stablecoin experienced a sharp decline.
In the immediate aftermath, the stablecoin declined by up to 50% from its alleged $1 value. Nonetheless, according to Coinmarketcap data, it later recovered to roughly 70 cents. Raft co-founder David Garai verified the attack in a post on X (previously Twitter).
There's been an exploit situation for @raft_fi where the exploiter minted R (which was then sold to drain AMM liquidity), and also managed to withdraw collateral at the same time
We are investigating – post-mortem will follow soon
— DG (@davgarai) November 10, 2023
He commented on the exploiter’s strategy, revealing that R tokens were created and then sold in order to deplete automated market maker liquidity. Simultaneously, the attacker withdrew collateral from Raft, executing a deft play.
The Platform’s Response And The DeFi Landscape
In response to the attack’s aftermath, Garai indicated that the team is actively working on reimbursing affected users. For this purpose, they want to leverage the protocol-owned sDAI in the Peg Stability Module.
Raft is a DeFi lending platform that issues the R stablecoin, which is collateralized by liquid staking ether (ETH) derivatives such as Lido’s stETH. Users can generate R tokens by securing ETH derivatives. This was the second significant cryptocurrency exploit on that particular Friday. Earlier in the day, another attacker stole $114 million in digital assets from the centralized exchange Poloniex.
The incident highlights the ongoing difficulty that DeFi systems have in protecting their protocols from malicious attackers. Despite the failure, Raft’s proactive steps to leverage protocol-owned assets for repayment show a dedication to minimizing the impact on affected customers.
Security concerns remain a major issue in the broader context of decentralized finance. The Raft issue shows the possible vulnerabilities in smart contracts and underscores the importance of maintaining constant monitoring in the fast growing DeFi market.
As the industry grows, platforms must emphasize rigorous security measures in order to protect user cash and preserve trust in the decentralized ecosystem. While Raft’s stablecoin first experienced a large loss in value, the subsequent recovery demonstrates the DeFi market’s resiliency.
Users and investors, on the other hand, should be attentive and educated about the security mechanisms in place on the platforms with which they interact, as the danger landscape in the crypto space evolves.
Disclaimer: The information provided is not trading advice. Bitcoinworld.co.in holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.