Arcadia Finance, a noncustodial decentralized finance (DeFi) protocol, fell victim to a hack resulting in the theft of approximately $455,000. Blockchain investigator PeckShield identified a code vulnerability in Arcadia Finance that allowed the hacker to exploit the lack of untrusted input validation. The absence of a validation mechanism to verify unverified inputs enabled the hacker to drain funds from Ethereum (darcWETH) and Optimism (darcUSDC) vaults.
Arcadia Finance acknowledged the hack two hours after being alerted by PeckShield and promptly paused the affected contracts to prevent further fund loss. While investigations are ongoing, PeckShield also discovered another vulnerability in Arcadia’s code related to reentrancy protection. If exploited, this vulnerability could have severe consequences for the protocol.
The majority of the stolen funds, roughly 180 Ether (ETH), were from Optimism and have since been laundered through Tornado Cash. However, the stolen tokens on the Ethereum network, valued at over $103,000, are still held in the suspected wallet address.
The second quarter of 2023 witnessed a series of hacks and exploits in the crypto space, resulting in a cumulative loss exceeding $300 million. According to a report by blockchain security company CertiK, there were 212 security incidents during the quarter, leading to a total loss of $313,566,528 across Web3 protocols.
Comparing the data to the previous year’s second quarter, CertiK noted a 58% decline in crypto hacks. Among the incidents, the Binance Smart Chain (BNB) experienced the highest number of occurrences, with 119 incidents resulting in losses totaling $70,711,385.
Get $200 Free Bitcoins every hour! No Deposit No Credit Card required. Sign Up