Harvest Finance, a well known decentralized finance (DeFi) service, was hacked on Monday, with the attacker stealing roughly $24 million. Platform administrators almost immediately confirmed the attack via messages posted on the company’s Twitter account and Discord channel. The web portal, which allows users to invest in cryptocurrencies and farm the price variations for small profit yields, also put out a $100,000 bounty for anyone who can reach out to the attacker.
According to the finance service, the hacker carried out the attack using a large flash loan. They exploited prices on one money lego to drain another several times, converted the funds to renBTC (rBTC), and exited to Bitcoin. In total, the cybercriminal got away with $13 million worth of USD coin (USDC) and $11 million in Tether (USDT). However, for unknown reasons, they returned around $2.5 million to Harvest Finance in USDC and USDT. The company announced that it would distribute that amount to the affected depositors.
Furthermore, the company claims that it now has enough personally identifiable information to identify the attacker, who is “well-known in the crypto community.” And with the help of Ren Protocol, it also provided ten Bitcoin addresses of the hacker, where it believes the stolen funds were transferred. Subsequently, Harvest Finance asked major exchanges like Binance and Coinbase to freeze the funds in question.
As a consequence of the attack, Harvest Finance’s native token, FARM, fell by almost 60% in the last 24 hours. The total amount of money that the protocol boasts also took a massive tumble, dropping from over $1 billion on October 25 (one day before the attack) to approximately $570 million, according to data from DeFi Pulse.
TheVPN.Guru is a source of information on the latest cybersecurity news while also offering tips and tricks on safeguarding your online privacy and anonymity.