The decentralized Sovryn Lending Protocol Lost $1.1 million in Cryptocurrency Due to Price Manipulation
The decentralized Finance Protocol (DeFi) based on the Bitcoin network called Sovryn has lost more than $1.1 million in cryptocurrencies. The developers of the project reported this in their blog.
The attackers carried out an attack on the credit issuance protocol, affecting the credit pools of the RBTC token (a token linked to the bitcoin exchange rate based on the Roostock sidechain, which has the functionality of smart contracts) and USDT. The attack allowed the unknown to withdraw $211,045 in USDT and 44.93 RBTC (~$915,000) using the asset conversion function.
The developers claim that they are still making efforts to return the funds.
It is reported that so far the developers have managed to regain access to half of the stolen funds. How exactly they were able to do this is unclear.
The attackers, as Sovryn found out, took advantage of the manipulation of lending. Due to the third-party exchanger RskSwap, they were able to withdraw much more cryptocurrency from Sovryn than was expected under a short-term loan.
Earlier, Immunefi analysts estimated that during the third quarter, the cryptocurrency market lost almost $430 million due to hacks. At the same time, about 99% of the attacks were on decentralized finance, and about 1% on centralized services.
Analysts explain such a large gap by the fact that everything in DeFi is tied to automation. In the case of centralized projects, fraudsters face several levels of protection.
The biggest incidents over the past quarter were attacks on the Nomad Bridge cross-chain (about $190 million was lost) and DeFi-market maker Wintermute (about $160 million was lost). Only these two projects accounted for about 79.85% of losses in the third quarter. Racoon Network and Freedom Protocol ($20 million), Impermax Finance ($7.4 million), Audius ($6 million) and others also entered the top incidents.