Hacker withdrew $2 million from Akropolis DeFi protocol

by in DeFI News


An unknown attacker devastated the YCURVE and sUSD liquidity pools of the Akropolis project in DAI stablecoins worth $ 2 million. He hacked smart contracts that were audited twice.

According to analyst Stephen Zheng, the hacker withdrew assets in tranches of 50,000 DAI for seven hours until the liquidity in the pools was completely depleted.

Subsequently, the attacker transferred funds to a new address.

Trending: Vitalik Buterin's $25.000 Doge Investment Brought Him $4.3 M

DeFi project Akropolis allows you to take loans and generate profitability on cryptocurrency deposits.

According to the project's statement, the pools have been audited by two independent audit firms. They found no vulnerability in the savings portion of the service using the Curve protocol. The hacker carried out a series of attacks to obtain instant loans (flash loans). Such loans are repaid within one block of transactions, allowing you to not use collateral.

The project team started to perform several security procedures. All stablecoin pools have been suspended, and exchanges have received notifications. Third-party security experts work with developers to investigate the issue.

Funds in Compound DAI, Compound USDC, AAVE sUSD, AAVE bUSD, Curve bUSD, and Curve sBTC, as well as native AKRO and ADEL tokens, have not been damaged and are safe.

Trending: El Salvador prepares to legalize bitcoin

The project is studying ways to reimburse users for losses and will present its proposal shortly.

Against the background of reports of hacking, the Akropolis (AKRO) rate fell at the moment by 23%. The decrease in prices over the last day was 18.9%.

The incident did not generally affect the decentralized finance sector. According to DeFi Pulse, the number of blocked funds in the protocols set a new record of $ 13.74 billion.