The team behind Rhea Finance has delivered an initial update after a part of its ecosystem was exploited. This statement’s wording suggests that the story is still developing.
As stated in the following announcement, the team discovered this vulnerability around ten hours prior to the update release and urgently shifted their scopes towards securing user funds and an arranged response.
This is a key moment for which speedy action is needed, and from what we understand from the details available so far, that seems to be exactly what the team are doing on a number of fronts.There are still details to be filled in at this point, but it seems clear that the exploit was not random right.
One access point was pinpointed, which has been secured.Your priorities right now are simple, first, stop the breach; second, retrieve compromised resources; third, conduct a forensic investigation to determine how it happened.
Preliminary investigations indicate that the perpetrator made use of a bug linked to Rhea Finance’s Margin Trading mechanism.
Specifically, the vulnerability existed in the Rhea Lend smart contract. Importantly, however, the DEX part of the platform was not impacted. This is an important distinction as it means that this was a targeted exploit, not a systemic failure.
The lending also has DEX contracts that are in a paused state, neither being affected any anything currently–they just erred on the side of caution to prevent exposing anything more while investigations were ongoing.
Most importantly the rNEAR asset continues to operate and is not paused. That implies the cyberattack was targeted, but experts are still trying to understand its full impact.
Even targeted exploits, however, can have more wide ranging implications if they affect more basic financial primitives like borrowing and margin trading.
So recovery operations have started. Our team is following the funds and making contact with those involved. This approach suggests there is still some way to recover some of the lost assets.
The addresses under surveillance include:
ETH: etherscan. io/address/0xbb5f…
NEAR: nearblocks. io/address/31ac7a…
While the team is monitoring internally, it has retained an outside security firm to help as well. They include detailed forensic analysis, real-time asset movement tracking capabilities and coordination of recovery plans.
This is a multi-layered response that does not just include your own internal resources but engages specialists who have dealt with this type of situation.
This sort of collaboration usually increases the chances of both understanding how an exploit works and when possible, recouping assets.
The reaction does not stop with on-chain metrics.
Rhea Finance also confirmed that notifications have been sent to its relevant law enforcement agencies, suggesting that investigators could potentially go beyond simply tracing blockchain records and into gathering evidence before commencing formal legal proceedings.
Though involving the law may slow things down in some circumstances, it also places additional strain on the attacker, especially if distinguishing patterns or off-chain links arise and become apparent.
The team has committed to updating the announcement as new data comes to light. An incident report is expected to be released once the investigation has concluded.
That’s the sort of thing this report should answer, how the vulnerability existed, why it wasn’t found sooner and what safeguards will be in place to stop similar situations in future.
Trust that the team remains focused on containment, recovery and communicating with users until then. In the make-or-break world of crypto, how cleanup is handled might be just as significant as the actual exploit.
Disclosure: This is not trading or investment advice. Always do your research before buying any cryptocurrency or investing in any services.
Follow us on Twitter @themerklehash to stay updated with the latest Crypto, NFT, AI, Cybersecurity, and Metaverse news!
Bitget officially launched pre-IPO access to OpenAI via its IPO Prime platform which deepens their…
Tether's presence in decentralized tech space is growing due to the launch of its developer…
While challenges remain, the decentralized finance sector is moving forward, and Huma Finance's exploit serves…
Chainlink is continuing its mission to be the most widely integrated infrastructure in crypto, adding…
A vulnerability in one of the core DeFi protocols on Sui Network exposes the ecosystem…
Polygon has made a big move in cementing its mission as one of the leading…