Decentralized finance (DeFi) platform Hope Lend on Ethereum was exploited for over 500 ether worth $825,000 in a hack that drained nearly all assets from the protocol.
Blockchain security firm, SlowMist reported that two individuals stole a combined 526 ETH from Hope Lend on October 18th by discovering and exploiting a vulnerability.
The successful hacker made off with 264 ETH after paying 263 ETH as a bribe to an Ethereum validator, according to CertiK. No details were provided on the nature of the exploit.
Hope Lend’s developers claimed the attack was conducted by a single hacker who netted 264 ETH in profit after validator payouts. They stated the impacted funds “remain secure” while the incident is investigated.
The attack occurred just two days after analytics provider DeFiLlama announced it would begin tracking Hope Lend’s smart contracts. At the time of writing, Hope Lend had virtually no remaining assets left in its protocol, according to on-chain data.
While Hope Lend did not explain the vulnerability leveraged, blockchain sleuth ZachXBT speculated it involved issues around Bitcoin decimal handling similar to a recent Wise exploit.
In its statement after the hack, Hope Lend stressed:
“It is crucial to emphasize that all protocols deployed on Hope are independent and will not impact the various other products and protocols currently live on the platform.”