Arbitrum-based Rodeo Finance loses $888,000 in latest DeFi exploit: PeckShield

  • 📰 TheBlock__
  • ⏱ Reading Time:
  • 57 sec. here
  • 2 min. at publisher
  • 📊 Quality Score:
  • News: 26%
  • Publisher: 53%

Business News News

Business Business Latest News,Business Business Headlines

ICYMI: Arbitrum-based Rodeo Finance loses $1.5 million in latest DeFi exploit

The Rodeo Finance team has not yet issued a response or statement regarding the incident.

Complex maneuvers like these have over the last few years become tools for hackers who manipulate oracle price data feeds to execute exploits, as seen in the case of Rodeo Finance. The Rodeo exploit is not an isolated occurrence, rather it is part of a trend that has been plaguing the Arbitrum ecosystem over the past few months.

The firm said there was a critical flaw in Rodeo Finance’s “Investor.earn” routine, designed to swap USDC for wrapped ether and then for another liquid staking token called unshETH. The anticipated slippage control, meant to prevent excessive price deviation during a transaction, did not function correctly due to an erroneous unshETH price oracle.

Further exacerbating the situation was the significant discrepancy between the oracle-reported unshETH price and its expected value. The oracle cited the price of unshETH at $4219, whereas its typical rate compared to WETH should have placed it around $1880. This discrepancy facilitated the hacker’s ability to manipulate trades, profiting from a system loophole while the protocol’s slippage controls failed to intervene.

 

Thank you for your comment. Your comment will be published after being reviewed.
Please try again later.
We have summarized this news so that you can read it quickly. If you are interested in the news, you can read the full text here. Read more:

 /  🏆 464. in BUSİNESS

Business Business Latest News, Business Business Headlines

Similar News:You can also read news stories similar to this one that we have collected from other news sources.

Arbitrum-based Rodeo Finance loses $1.5 million in latest DeFi exploitThe Rodeo hacker moved the stolen funds from Arbitrum to Ethereum and routed these through Tornado Cash to obfuscate the fund’s trail.
Source: TheBlock__ - 🏆 464. / 53 Read more »

Arbitrum-based Rodeo Finance exploited for second time, $1.5M stolenThe exploiter wallet address still holds over 374 ETH, and Etherscan has marked the address as linked to the Rodeo exploit. According to data shared by blockchain analytic firm peckshield, the exploiter later bridged the stolen funds from Arbitrum to Ethereum and swapped 285 ETH for unshETH. The exploiter then deposited the ETH on Eth2 staking.
Source: Cointelegraph - 🏆 562. / 51 Read more »

DeFi protocol Arcadia Finance hacked on Ethereum and Optimism for $455kWhile the investigations are underway, Arcadia’s code houses another vulnerability, which could prove catastrophic for the protocol if exploited. PeckShield reveals the cause of Arcadia Finance hack. The code did not validate untrusted inputs. Hacker drained $455K from darcWETH and darcUSDC vaults.
Source: Cointelegraph - 🏆 562. / 51 Read more »