In an interesting turn of events, Rho Markets, a lending protocol built on Ethereum Scroll’s layer-two networks, had a disheartening experience with gray-chip hackers involving the temporary loss of $7.6 million in user assets.
Rho Markets Security Flaw Exposed by Gray Hat
In a X post On Friday, Rho Markets announced that it had noticed suspicious activity on its platform, prompting it to suspend all operations and launch an investigation. The crypto lending platform assured all users that the majority of its token pools were secure and there was no cause for concern.
Related readings: $235 Million Cryptocurrency Theft From WazirX Was ‘Perpetrated’ By North Korean Hackers, Report Reveals
However, Cyvers alerts revealed that Rho Markets had been compromised, with attackers stealing $7.6 million in assets from the platform’s USDT and USDC token pools. They further stated that the incident occurred due to these strange actors gaining access to Rho Markets’ USDT and USDC token pools. oracle control.
For context, an oracle is a mechanism that provides external data to a blockchain allowing smart contracts to operate efficiently with access to real-time information. Therefore, by manipulating the oracle, hackers were able to alter the data being passed to smart contracts on Rho Markets, allowing them to move assets off the DeFi platform.
However, hackers Soon sent a message on the channel showing his willingness to return the stolen funds, but under certain conditions. The message read:
Hello RHO Team, our MEV bot took advantage of your price oracle misconfiguration. We understand that the funds belong to the users and are ready to return them in full. But first we would like you to admit that this was not an exploit or hack, but a misconfiguration on your part. Also, please tell us what you plan to do to prevent this from happening again.
This development indicated that Rho Markets was dealing with “grey hat” hackers, i.e. individuals who hack platforms with good intentions, perhaps to expose potential vulnerabilities in the system. “Grey hat” hackers typically conduct their operations without the permission of their targets, unlike white hat hackers employed by platforms to detect possible security breaches.
Rho Markets recovers assets, promises better security measures
Hours after the security incident, Rho Markets announcement They managed to rectify the situation with all user assets confirmed to be safe. In the future, they intend to refund their USDC, USDT, and WETH pools, as well as identify all active supply accounts at the time of the attack. Finally, Rho Markets states that it will systematically resume borrowing and transfer services on the platform, but in strict compliance with strict security protocols.
Featured image by Lajoj/Medium, chart by Tradingview.com