Hack Tender.fi: 1.59 million dollars reimbursed by the hacker

Tweet from the Tender.fi protocol that alerts its users.

A hack that ends well – Each week, protocols from the ecosystem of the decentralized finance (DeFi) are victims of hacking. Luckily, in some cases, the hack is performed by a big-hearted hacker. This is the case of Tender.fi, which came close to disaster.


Hack Tender.fi: $1.56 million siphoned off

Tender.fi is a decentralized lending and borrowing protocol on layer 2 Arbitrum. Under the hood, Tender.fi is based on a fork of the Compound protocol.

On March 7, the protocol alerted its users to the presence of suspicious movements on the platform. Indeed, the latter have detected an unusual number of borrowings on the protocol.

“We are investigating an unusual number of loans that have gone through the protocol. In the meantime, we have suspended all loans. We thank you for your patience. »

Tweet from the Tender.fi protocol that alerts its users.
Tender.fi alerts its users – Source: Twitter.

Quickly, the sentence falls: $1.59 million have been siphoned off in the protocol pools. The hack was, it would seem, possible following a bad configuration of an oracle. According to the first information reported by the account lookonchain specialized in on-chain analysis.

Therefore, the attacker was able to manipulate the price of the oracle. Thus, he borrowed $1.59 million having deposited only 1 GMX, or about $71.

>> Play it safe, register on Binance THE benchmark for crypto exchanges (commercial link) <<

All’s well that ends well for Tender.fi

Following this attack, the Tender.fi teams undertook to contact the hacker. Both via Debank messaging and via on-chain transactions.

Fortunately, as some Internet users had expected, this attack was the work of a white hat. Thus, the Tender.fi teams managed to find an arrangement with the latter.

According to message published on-chain, the white hat hacker has agreed to repay the siphoned funds. However, this one will be able to keep 62.16 ETH, or about 5% of the funds, as a reward.

“The White Hat will repay all loans minus 62.158670296 ETH. These funds will be kept as a Bounty for helping to secure the protocol. »

For its part, the Tender.fi team will reimburse the value of the reward to the protocol, so that it does not present a bad debt.

“The Tender.fi team will refund the value of the Bounty to the protocol, so there will be no bad debt and users will not be affected. »

Finally, in the evening around 8 p.m. French time, the white hat made a repayment of the loan, as agreed with the Tender.fi teams. The latter then announced that the funds were officially ” SaFu“.

Tweet from Tender.fi claiming to have recovered the funds.
Tender.fi claims to have recovered the funds.

All’s well that ends well, for a day that must have been full of twists and turns for the teams and the community of Tender.fi.

This amicable resolution will allow Tender.fi not to add its stone to the edifice of the protocols having led to the loss of the funds of its users. In effect,in 2022 DeFi recorded $3.8 billion in losses in hacks.

Take advantage of the opportunities to buy low-cost cryptos that the market offers us! To not miss the opportunity of a lifetime, register quickly on the Binance platformSave 10% on your trading fees by following this link (trading link).

Last Verdict

To get more updates about the insurance you can follow our website or can bookmark it.

Leave a Reply

Your email address will not be published. Required fields are marked *