USDC

Rho Markets, a scroll-based money market, suffered an exploit that resulted in a loss of over $7.5 million.&nbsp;
The incident saw the perpetrator drain 2,203 ETH in just nine minutes. Following the breach, Rho Markets&nbsp;<a style="text-decoration:none" href="https://x.com/RhoMarketsHQ/status/1814250369637294258">paused</a> blockchain finality to assess if the issue was specific to their application.&nbsp;
&nbsp;
<blockquote>
 "We’ve detected unusual activity on our platform and are currently investigating it,” the team announced on its X account.
</blockquote>
<h2 dir="ltr" id="span-span-exploit-mechanics-span-span">Exploit Mechanics</h2>
The attacker exploited a vulnerability in Rho Markets’ oracle system. Oracles are critical as they provide off-chain data to smart contracts. By manipulating the oracle, the hacker drained the protocol’s entire supply of USDT and USDC stablecoins. They withdrew more than double the posted collateral in Ether.
&nbsp;
Blockchain security firm Cyvers initially suspected ‘Oracle access control by a malicious actor’ as the root cause. This was later confirmed by BlockSec, which noted a strange ownership transfer of the Oracle contract. On-chain detective ZachXBT suggested there was a high probability of fund recovery due to the attacker’s exposure to centralized exchanges.
&nbsp;
Data from Debank&nbsp;<a style="text-decoration:none" href="https://debank.com/profile/0xe000008459b74a91e306a47c808061dfa372000e/history">confirmed</a> that the $7.5 million in Ether remained in the attacker’s wallet at the time of reporting. The exploit was highlighted by an X user who linked to the attacker’s address, revealing a gain of $7.5 million.
<h2 dir="ltr" id="span-span-hacker-s-demands-span-span">Hacker's Demands</h2>
In a surprising turn, the attacker, operating an MEV bot,&nbsp;<a style="text-decoration:none" href="https://x.com/zachxbt/status/1814286415347544211">offered</a> to return the funds. The condition: Rho Markets must publicly admit to an oracle misconfiguration error. The attacker communicated via an on-chain message on the Ethereum mainnet:
&nbsp;
<blockquote>
 "Hello RHO team, our MEV bot have profited from your price oracle misconfiguration. We understand that the funds belong to the users and are willing to fully return. But first we would like you to admit that it was not an exploit or a hack, but a misconfiguration on your end. Also, please provide what are you going to do to prevent it from happening again.”
</blockquote>
Recently, Rho Markets announced on Twitter that the incident has been resolved and funds will be reallocated back to borrow pools soon.&nbsp;
<div>
 <blockquote class="twitter-tweet">
 Dear Rho Fam, We are pleased to inform you that the incident has been successfully resolved. 🔸We are currently in the process of reallocating funds back to the borrow pools. Rest assured, a comprehensive postmortem report will be shared with the community in due course. 🔸In…— Rho Markets📜 | Rho.scroll (@RhoMarketsHQ) <a href="https://twitter.com/RhoMarketsHQ/status/1814332036095861135?ref_src=twsrc%5Etfw">July 19, 2024</a>
 </blockquote> 
</div>
Rho Markets holds approximately $22.17 million worth of assets, according to <a href="https://defillama.com/protocol/rho-markets#information">DeFiLlama</a>.&nbsp;

Rho Markets Hit by $7.5M Hack, Attackers Demand Admission of Oracle Error for Fund Return

Table of Contents

BSCN

Other articles published on Jul 25, 2024

Google Trends: “Onchain” Search Rises as Coinbase’s Strategy Ignites Crypto Adoption

NFTCOLO: A Comprehensive Review for 2024

Mega Interest Rate Cut Coming in the US? Expectations Soared! Here are the Latest Forecast Data

Celestia’s New Rival Launches in Mainnet: What is Avail DA?

New ITU report ranks Nigeria high for 5G, digital transformation readiness

Celestia’s New Rival Launches in Mainnet: What is Avail DA?

Join our free newsletter for daily crypto updates!