The decentralized finance (DeFi) protocol DEUS Finance was hit hard by a security breach, resulting in the loss of over $6 million worth of DEI stablecoins.
The hacker managed to exploit a vulnerability in the BNB Smart Chain (BSC) on May 5, and the attack was reported by the blockchain security firm PeckShield.
Exploiting vulnerabilities in BSC and Arbitrum
The hacker initiated the breach on the BSC through a bot, leading to a loss of more than $1.3 million. Additionally, the attacker targeted the Arbitrum network, with ARB/ETH deployments losing over $5 million.
It was reported on Twitter that the token contract had a basic implementation error, which served as the root cause of the attack.
DEUS Finance confirmed the attack and took immediate measures, pausing all contracts and burning DEI tokens to prevent further damage.
The team stated on Twitter that they are “currently in the process of comprehending the actual backing of DEI tokens” and that a “comprehensive recovery and redemption plan” will be created after a thorough analysis of balances and snapshots.
DEI stablecoin is used as collateral for third-party instruments built on the Fantom protocol. The price of DEI dropped by 30% within 24 hours, according to CoinMarketCap data.
The stablecoin is currently trading at $0.20, losing its $0.30 peg. The DEI stablecoin also lost its $1 peg last year following the Terra collapse.
This is not the first time DEUS Finance has faced a security breach. In March 2022, the protocol was exploited in a flash-loan attack, leading to over $3 million in losses in Dai and Ether.
PeckShield revealed at the time that the exploiters funneled the stolen funds using the crypto mixer Tornado Cash.
DEUS Finance is a decentralized marketplace that allows the trading of digital and non-digital assets, such as commodities, on the Ethereum blockchain.
The DEI token has previously been hacked, losing its $1 peg and its more recent $0.3 peg during the recent assault. The stablecoin is trading at $0.2 at the time of writing.
The project is now reaching out to the community for help to overcome the consequences of the hack. The DUES token has dropped more than 33% after the news broke.
A fundamental implementation error in the token contract is a problem in the token contract’s code that impacts the contract’s functioning or security.
DEI’s role in Deus Finance infrastructure
DEI stablecoin is used as collateral for every financial instrument and protocol designed on the Deus Finance infrastructure.
Deus Finance aims to make enterprise-grade blockchain derivatives accessible to the general public, serving as the foundation for on-chain digital derivatives such as synthetic stocks, commodities, FX, and cryptocurrency.
On April 28, hackers compromised Deus Finance, resulting in losses of up to $13.4 million, with the majority of the stolen assets being Ethereum (ETH).
The use of a flash loan to manipulate the price oracle enabled the hack, which was triggered using 800 ETH withdrawn from Tornado Cash and transferred to Fantom through MultiChain. The stolen funds were eventually converted to ETH and deposited into the hacker’s account.