Arcadia Finance, a DeFi Platform, Falls Victim to Exploit, Losing $455,000 as Total Value Locked Slumps by 76%

In a troubling turn of events, decentralized finance (DeFi) platform Arcadia Finance appears to have fallen prey to an exploit, resulting in a loss of approximately $455,000. Reports have surfaced, indicating that a prominent blockchain security firm has identified fraudulent transactions on the network, although Arcadia Finance has yet to acknowledge the incident.

On July 10, PeckShield, a leading blockchain security company, reported that one of its community contributors had discovered an exploit on Arcadia Finance, a margin lending platform operating on the Ethereum network and layer-2 network Optimism.

A DeFi Exploit Strikes Again

According to PeckShield’s findings, the exploit targeted both Ethereum and Optimism, resulting in losses estimated at $455,000. The perpetrator of the attack has reportedly transferred roughly 179 ETH by bridging 148 ETH and swapping 59,000 USDC to Tornado Cash.

PeckShield’s analysis of the hack reveals that the losses were caused by a lack of untrusted input validation, enabling the draining of funds from both the darcWETH and darcUSDC vaults. Additionally, the absence of reentrancy protection allowed for instant liquidation to bypass the internal vault health check, further facilitating the exploit.

Despite the seriousness of the situation, no alerts, updates, or detailed information regarding the incident were shared via Arcadia Finance’s Twitter account.

BeInCrypto reached out to Arcadia Finance for comment but had not received a response as of the time of publication. Arcadia Finance is a non-custodial protocol that facilitates composable cross-margin accounts on the blockchain.

Furthermore, DeFiLlama, a DeFi analytics platform, recently reported a substantial decline in the Total Value Locked (TVL) on Arcadia Finance. Within a span of a few hours, the TVL plummeted by 76%, dropping from $605,000 to $145,000.

Continued Exploits in the DeFi Space

This latest exploit targeting a DeFi platform follows the $126 million Multichain hack that occurred on July 7. In response, stablecoin issuers Tether and Circle took action by blacklisting five addresses that had received some of the stolen funds.

Moreover, earlier this month, the Poly Network suffered yet another attack, resulting in a loss of $10 million to hackers.

In a related incident, Robox, a leveraged NFT trading platform built on Solana, reported an exploit on June 10. The platform disclosed,

“We have detected and confirmed malicious activity that has resulted in the exploitation of our aggregated liquidity pool.”

However, detailed information regarding the exploit remains scarce at this time.

Discuss this news on our Telegram Community. Subscribe to us on Google news and do follow us on Twitter @Blockmanity

Disclaimer: Blockmanity is a news portal and does not provide any financial advice. Blockmanity's role is to inform the cryptocurrency and blockchain community about what's going on in this space. Please do your own due diligence before making any investment. Blockmanity won't be responsible for any loss of funds.