Bent Finance, a staking and farming platform was the latest victim of hackers targeting decentralized finance or DeFi protocols. After realizing the exploit, Bent Finance reported no loss of funds which quickly changed to theft of 440 Ethereum or $1.6 million.
Timeline of the event
After Bent Finance made its initial statement about the exploit, Peckshield, a third-party security firm suspected a rug-pull event and tweeted,
“We have located the hack tx, which interestingly is sent from the Bent Finance: Deployer Bent Finance !!! What is going on?!”
In a shocking revelation, Bent Finance responded that “we seem the same and are working through it right now.” This sent shock waves among the holders and other crypto users.
This was not an event expected by Bent Finance and thus, it put in charge two independent white hat developers to inspect the incident. Shortly after it noted,
“There was an exploit from the bent deployer address, it added balance of cvxcrv and mim to an address on an unverified update 20 days ago. We just discovered this today. There are multiple members on this team and we will make this right.”
The users were advised to withdraw the funds until the exploit was investigated and assured to recover the stolen funds from its curve pool.
Although Bent Finance did not announce the stolen amount, Joe McGill, crypto fraud investigator and former member of the US Secret Service announced the theft was close to 440 Ethereum, equivalent to $1.6 million.
McGill tweeted,
It is not been a secure year for DeFi protocols as the continuous hack has drained victims of over $7 billion worth in crypto. This was more than an 81% rise compared to the statistics last year. With security becoming a recurring problem and rug pulls becoming more common, the DeFi protocols may have to take stricter actions in an event of a hack.