Decentralized finance (DeFi) protocol DEUS Finance experienced a significant security breach over the weekend, resulting in a loss of over $6 million. Interestingly, a sizable portion of the funds has been recovered since then. The hack, reportedly initiated through a vulnerability in the stablecoin DEI, affected both the BNB Smart Chain and the Arbitrum networks.
DEI, which is designed to maintain a $1 peg, has been trading below this value since May last year, with a current price of $0.28, according to CoinMarketCap data. The BNB Smart Chain attack exploited a public burn vulnerability, resulting in a loss of over $1.3 million, as delineated in a tweet by blockchain security firm PeckShield. Moreover, the attack on Arbitrum led to a loss of over $5 million. Arbitrum is a layer 2 scaling solution for Ethereum, functioning with its own ARB token.
Some users attributed the breach to a “basic implementation error in the token contract.” However, recovery efforts are in full swing. A user who has reportedly been working to restore the lost funds claimed the utilization of white hat hacking techniques to help recover part of the lost assets.
In an update, the user announced that the funds had been sent to a specific wallet managed by DeFi developer @lafachief and “trusted members” of the Yearn Finance DeFi project. DEUS later confirmed on Twitter that the recovered funds (2,023 ETH tokens worth around $3.8 million) were stored in a multi-signature wallet. The wallet also holds $158,857 worth of DEUS tokens and $702,370 in USDC.
While it is reassuring to witness the recovery of a substantial portion of lost funds, it remains uncertain whether the remaining funds can be reclaimed and if those affected will be compensated. This incident underscores the inherent risks associated with DeFi platforms and serves as a reminder that even the most promising projects can fall prey to vulnerabilities.
In light of these events, it is crucial for DeFi participants to remain vigilant and actively assess the security protocols of the platforms they interact with. Simultaneously, DeFi projects must prioritize the implementation of robust security measures to prevent such incidents from occurring in the future.