Decentralized Finance (DeFi) protocol Linear Finance issued a warning to users that it had suffered a significant exploit on Thursday.
The attack led to a catastrophic loss of liquidity for the LUSD token on Ascendex and PancakeSwap.
Linear Finance Suffers Exploit
Linear Finance, a DeFi protocol, issued an urgent update on X (formerly Twitter), warning users that its native stablecoin, LUSD, could be under an exploit attack. The announcement resulted in significant concerns in the larger crypto ecosystem and prompted the Linear Finance team to take immediate and decisive action.
“Urgent Update Re $LUSD The Linear stable coin $LUSD appears to be under an exploit attack. While the team investigates, DO NOT BUY LUSD, DO NOT TRADE $LUSD Liquidations are paused, and users’ accounts are not at risk. Further updates will follow.”
The protocol stated that all liquidations are paused until the team finishes its investigation. It also assured users that their accounts are not at risk. The LUSD stablecoin was initially trading at around $0.9883, registering a significant surge since yesterday. However, the coin dropped to an intraday low of $0.9073 following considerable security concerns.
Details Of The Attack
According to the available information, the hacker managed to exploit a vulnerability in the protocol. This allowed them to enable the illicit mining of an unlimited supply of AAVE tokens. These were traded to LUSD on the Linear exchange and then sold on PancakeSwap and Ascendex. This led to the liquidity of the LUSD being completely drained. The team issued a separate statement regarding the attack, stating,
“On 21st Sept 2023, the Linear Finance protocol was subject to an attack that resulted in the draining of all ℓUSD liquidity on both PancakeSwap and Ascendex, resulting in the price of ℓUSD going to zero. The attacker could mint an unlimited supply of ℓAAVE and subsequently traded the liquid asset to ℓUSD on the Linear Exchange before selling it on PancakeSwap and Ascendex.”
Apart from cautioning its users, the protocol asked its users not to buy or trade LUSD for the time being. The team also assured users that liquidations were temporarily halted, alleviating the immediate concern that most users had. This would also ensure that user accounts remain secure during this period.
Protective Measures
The Linear Finance team paused all protocol contracts that facilitate token minting, burning, or exchanging. The team also disabled the Linear bridge contract for LUSD. Additionally, the team has enlisted the help of an industry-leading team to track down the attackers and help restore the protocol.
“All protocol contracts that allow tokens to be minted, burnt, or exchanged have been paused. The Linear bridge contract has been disabled for ℓUSD. The Linear Team have engaged an industry-leading team to track the attacker(s) and bring them to justice. Wallets known to have taken part in the exploit have been shared with all major exchanges and authorities.”
Linear Finance also urged users to be patient and promised to resolve the situation immediately.
“Restoring the protocol and un-doing the damage for our users will be our highest priority until the issue is fully resolved. We apologize sincerely to all of our users. At this stage, we regretfully ask for your patience and support, and we assure you that we will continue to update you on a regular basis.”
Events such as hacks and scams can cause considerable disruptions and uncertainty in the crypto ecosystem. However, Linear Finance’s quick response should reassure its users and also serve as a reminder about the importance of transparency and proactiveness.
Linear Finance’s XRP Listing
Linear Finance had showcased considerable growth before the hack, with the listing of XRP as a significant development. The addition of XRP was a key development for both parties. XRP had recently been relisted on major exchanges following a favorable court ruling for the company against the United States Securities and Exchange Commission. As a result, XRP is available on exchanges such as Kraken, Bitstamp, and Coindesk.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.