DeFi protocols are still being hacked, with Grim Finance being the most recent victim.
Grim Finance, a self-described compounding yield optimizer, has been hacked in a reentrancy attack, with the attacker stealing up to $30 million in Fantom tokens.
On Sunday, the DeFi protocol took to Twitter to warn its followers of the hack. The attacker abused the project’s vault contract through five reentrancy loops, the researchers said, describing it as a “sophisticated attack.”
According to this address, this allowed the attacker to impersonate five more deposits into a vault, resulting in the theft of $30 million in FTM. The majority of the tokens have already been transmitted to other DEXs by the hacker.
The team stated it has temporarily shut down all of its vaults to “avoid any future cash from being put at risk,” and asked all users to withdraw their money.
Customers have followed Grim Finance’s recommendations, according to DeFiLlama data. Before the attack, the total value locked in the DeFi protocol was over $120 million, but it’s now down to barely $4 million.