Deus Finance flash loan exploit nets hacker $13 million

A multi-chain DeFi protocol called Deus Finance DAO suffered a flash loan exploit on Thursday, with the hacker making off with about $13.4 million.

The unknown perpetrator carried out the exploit using a flash loan at around 2:40 AM UTC, according to on-chain data. Flash loans are loans taken out with a requirement that the borrowed sum be returned in the same transaction. These are made possible with smart contracts.

While flash loans are meant for arbitrage trading and improving capital efficiency, hackers have abused them to manipulate DeFi price data feeds — known as oracles — and carry out exploits.

According to blockchain security firm PeckShield, the Deus hacker took a flash loan to manipulate the price oracle within one of its liquidity pools on Fantom, involving a token called DEI paired against the USDC stablecoin. 


Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

In today's incident, the flash-loan assisted manipulation caused DEI's price to increase a lot, PeckShield explained in a post. This inflated value of DEI was then used as collateral to borrow additional capital, within the same flash loan transaction.

This additional borrowed capital was sold for USDC stablecoin, after which the hacker repaid the flash loan — netting about $13.4 million. The culprit then moved the exploited funds from Fantom to Ethereum, where they routed them through Tornado Cash, a mixing protocol used to obfuscate Ethereum transactions.

In response to today's incident, Deus Finance said it halted lending of the exploited DEI tokens. It further claimed that "user funds are safe" and more details will follow later.

This wasn't the first security incident for Deus Finance. The protocol lost $3 million to a flash loan exploit last month too. The incident added to the debate around flash loans and the potential risk they pose to DeFi protocols

About Author

Vishal Chawla is The Block’s crypto ecosystems editor and has spent over six years covering tech protocols, cybersecurity, artificial intelligence and cloud computing. Vishal likes to delve deep into blockchain intricacies to ensure readers are well-informed about the continuously evolving crypto landscape. He is also a staunch advocate for rigorous security practices in the space. Before joining The Block, Vishal held positions at IDG ComputerWorld, CIO, and Crypto Briefing. He can be reached on Twitter at @vishal4c and via email at [email protected]