Ethereum DeFi protocol Hope Lend drained after exploit

2



Ethereum decentralized finance (DeFi) protocol Hope Lend has next to zero assets left in its protocol after a devastating hack.

According to multiple blockchain security firms, on Oct. 18, two individuals, a frontrunner who beat the original hacker after discovering the exploit, and the original hacker itself, stole a combined 526 Ether (ETH) from Hope Lend worth $825,357 at the time of publication. “The successful attacker gained 264 ETH and paid a 263 ETH bribe to an ETH validator,” wrote CertiK. 

Hope.money, the DeFi protocol’s developer, presented a different version of the story. In its X thread, developers claim that a single hacker ran off with 526 Ether worth of users’ funds, paying 263.91 in bribes to a validator allegedly managed by Lido Finance, eventually netting a profit of 264.08 ETH. Hope.money staff said:

“It is crucial to emphasize that all protocols deployed on http://Hope.money are independent and will not impact the various other products and protocols currently live on the platform, including HopeCard、HopeSwap and $HOPE. We are committed to ensuring the protection of the affected users’ rights, and the corresponding funds remain secure.”

Two days prior, DeFi aggregator DeFiLlama announced it would begin tracking Hope Lend’s smart contracts for data curation. At the time of publication, Hope Lend had no noticeable assets left within the protocol. While developers did not state the reason for the incident, on-chain sleuth Spreek claimed that the hack “seems to be related to WBTC [wrapped Bitcoin] decimals and rounding, similar to the Wise Lending hack recently.”

Magazine: Elon Musk streams, Amazon partners with Immutable, MetalCore preview