Key Highlights
- About $240K lost after sDOLA price manipulation forced 27 users into liquidation on LlamaLend, not Inverse Finance.
- Flash loans worth ~$30M were used to exploit sDOLA, showing stablecoins can still be vulnerable in complex DeFi setups.
- Inverse Finance confirms DOLA itself is safe; the incident stems from external protocols using its token.
A suspicious transaction hit the DOLA token ecosystem, causing an estimated loss of around $240K. Security firm BlockSec Phalcon reported the incident on X, saying the unusual activity targeted a contract linked to Inverse Finance on Ethereum.
According to the post, the transaction exploited a DOLA price manipulation that forced multiple users into liquidation. “We have contacted the team but have not yet received a response,” BlockSec stated, urging all exposed users to take immediate action. The full technical details remain unclear, leaving uncertainty over whether additional users may still face risk.
Security firm CertiK Alert confirmed that the incident involved a clever exploit using around $30 million in flash loans. The attacker managed to manipulate sDOLA balances, which led to the liquidation of 27 users’ positions, earning roughly $240K in profit.
This is an example of how stablecoins such as DOLA can experience a price impact, especially if complex lending/borrowing systems are involved. Although Inverse Finance is responsible for DOLA as well as their fixed-rate lending platform, FiRM, the team has yet to provide a detailed explanation of how the price was manipulated.
Historical context of DOLA exploits
Inverse Finance has faced challenges before with DOLA and its money-market protocol, Frontier. In April 2022, Frontier—then called Anchor—lost $15.6 million in a price oracle manipulation. A hacker boosted the value of $INV tokens, which let them borrow against collateral and withdraw ETH, WBTC, YFI, and DOLA.
A second incident happened in June 2022, when Chainlink price data was manipulated, allowing flash loans to exploit yvcrv3crypto positions, causing around $5.83 million in losses. Therefore, both events exposed unexpected attack paths rather than obvious security flaws.
Inverse Finance denies direct breach
However, the protocol’s team quickly pushed back against characterizations of the event as a direct attack on Inverse Finance itself. Founder and developer at Inverse Finance, Nour Haridy clarified on X, “Inverse Finance was NOT affected. It’s simply an incident in an external protocol that uses DOLA token.”
Analyst YAM added, “This is NOT an InverseFinance exploit, but an issue with LlamaLend. The exploiter liquidated practically all users who supplied sDOLA and borrowed crvUSD on Llamalend.” He also explained that the attack involved a ‘donation attack’ that changed sDOLA’s value, unintentionally affecting users’ collateralized positions.
Clarification from Curve Finance
Speaking on the incident, Curve Finance team shared that the attack was made possible by a combination of factors, including the sDOLA price oracle and Llamalend.
“The attacker made a relatively small profit, but the attack emphasized the importance of handling vault collaterals in a specific manner in LlamaLend,” the team said, adding, “Borrowers who borrowed against sDOLA were liquidated, lenders are unaffected, and holders of sDOLA made some profit.”
Curve further said that an investigation is ongoing to check if any of other similar markets are affected and LlamaLend V2 is made safe with ‘donation-vulnerable’ vault collaterals at all market sizes.
Also Read: Kalshi CEO Responds to $500M Iran Prediction Market Backlash
