Project Akropolis (AKRO) lost a DAI worth $ 2 million as a result of a hacker attack
Thursday morning. The Decentralized Finance Protocol (DeFi) Akropolis lost $ 2 million in DAI as a result of an exploit
According to the update provided by Akropolis, the team assesses the losses in detail and examines the ways of returning lost funds to the injured.
Akropolis is a DeFi loan and savings service provider that allows users to borrow and generate profits from cryptocurrency deposits. The savings part of the service, which uses the Curve protocol, was used in the attack.
Contract with address 0xe2307837524Db8961C4541f943598654240bd62f , which appears to be an exploit, launched a series of attacks on dYdX flash loans on YCurve and sUSD Akropolis savings pools
A $ 2 million DAI was sent to: 0x9f26ae5cd245bfeeb5926c79cd614975c .
Funds do not appear to have left this address to date.
Flash loans allow users to borrow funds immediately as they are returned in a single transaction block (on ethereum), meaning users can take advantage of unsecured loans.
In the event of the Akropolis attack, the combination of the re-entry attack and the dYdX instant loan was used up with savings pools. According to Akropolis, the pools were audited by two companies, but the attack vectors used by the hacker were not identified in any of the audits.
According to Akropolis, most of the funds on the protocol are safe. DAI, USDC, AAVE sUSD, bUSD, and sBTC remained unchanged. The home pots for staking AKRO and ADEL also remained untouched.
Meanwhile, all stablecoin pools have been halted and exchanges have been informed of the hack. The Akropolis team is in talks with security specialists as they review development and security processes for the upcoming analysis.
Sources:
https://akropolis.substack.com/p/delphi-savings-pool-exploit?r=1qvfn