An unknown hacker has stolen $30 million from the Fantom-based DeFi project Grim Finance.
The hacker exploited a reentrancy bug in the project’s smart contracts.
Following the attack, Grim Finance’s total value locked has tumbled from $98.9 million to $4.2 million, while its native token GRIM is down 70%.
Share this article
Grim Finance, a DeFi protocol built on Fantom, has become the target of a $30 million hack.
Fantom Project Hit By $30 Million Hack
Grim Finance has been hacked.
This weekend, an unknown attacker stole $30 million from the project’s yield vaults.
The Grim Finance team announced the attack in a Sunday tweet, revealing the total losses and that it had identified the hacker’s address.
Hello Grim Community,
It is with heavy hearts that we inform you that our platform was exploited today by an external attacker roughly 6 hours ago. The attackers address has been identified with over 30 million dollars worth of theft here https://t.co/qA3iBTSepb
— Grim Finance (@financegrim) December 19, 2021
Grim Finance is a DeFi project built on Fantom. It functions similarly to the popular Ethereum ( $1,335.14 ) protocol Yearn.Finance, letting users deposit crypto assets like FTM to “vaults.” The project’s vaults use complex multi-step strategies across DeFi to generate lucrative yields for users.
The team described the incident as an “advanced attack” in which a hacker exploited a reentrancy bug to steal funds deposited in its vaults. The hacker used the bug to drain over $30 million worth of FTM. Their transaction history shows a paper trail of interactions with Fantom-based decentralized exchanges like SpookySwap, where they exchanged their stolen tokens for stablecoins.
The DeFi space has seen millions of dollars worth of losses due to other similar reentrancy bugs over the last year. In August, an attacker exploited a reentrancy bug in Cream Finance’s smart contracts to steal $17.6 million. They later returned the majority of the funds.
Following the hack, the Grim Finance team announced that it had paused its vaults and notified Circle, Maker, and AnySwap to “potentially freeze” further transfers. The total value locked in the protocol, meanwhile, has tumbled from $98.9 million to $4.2 million following the incident, per data provided by DeFiLlama. The GRIM token is also down about 70% following the attack, trading at $0.23 at press time.
Disclosure: At the time of writing, the author of this piece owned ETH and other cryptocurrencies.
Share this article
The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.
You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.
See full terms and conditions.
DeFi Project Cream Finance Suffers $34 Million Hack
Cream Finance has reported a major hack that a $34 million loss, according to the team. Reentrancy Bug Behind Cream Finance Exploit Cream Finance has been exploited. The DeFi lending protocol…
$120M Lost in BadgerDAO DeFi Hack
BadgerDAO, a DeFi protocol for earning yield with tokenized Bitcoin ( $19,577.89 ) on Ethereum ( $1,335.14 ) , has fallen victim to an attack. The hacker reportedly added a malicious script to the protocol’s frontend website,…
AscendEX Exchange Loses $77.7M in Latest Crypto Hack
The AscendEX crypto exchange was hacked for $77.7 million due to a compromised hot wallet. AscendEX Will Compensate Affected Users Singapore-based AscendEX was hacked. On Saturday, centralized crypto exchange AscendEX…
Audience Survey: Win A $360 Subscription To Pro BTC Trader
We’re doing this because we want to be better at picking advertisers for Cryptobriefing.com and explaining to them, “Who are our visitors? What do they care about?” Answer our questions…