DeFi hacks have gone through the roof in recent times and many will argue that the DeFi ecosystem has proven time and again that it is indeed an exploiter’s paradise.
Decentralized finance (DeFi) protocol Sturdy Finance is the latest victim in a long list of DeFi hacks. The Sturdy Finance platform has reportedly lost 442 ETH (worth a little above $800,000 as of publication), to a daring security exploit.
Blockchain security firm PeckShield was the first to notice what appeared to be a price manipulation by the attacker before it then alerted the lending platform to the bogus transaction on Monday.
It, however, took Sturdy Finance nearly an hour to respond to the claims by immediately halting all their markets. The DeFi protocol then confirmed the attack before assuring users that everything was under control. According to the platform, it has immediately taken necessary steps to ensure that no additional funds are at risk of being drained.
Despite Sturdy Finance’s seemingly fast response, however, the attacker was still able to cart away $800,000 in ETH and has since transferred the ill-gotten funds to the crypto mixer Tornado Cash, completing the faulty price oracle exploit.
Sturdy Finance, Not ‘Sturdy’ Security?
With the latest development, it might be easy to fault the victim platform. But it is also worth noting that the hack is only a further validation of the overall proneness of DeFi protocols to such attacks. DeFi hacks have gone through the roof in recent times and many will argue that the DeFi ecosystem has proven time and again that it is indeed an exploiter’s paradise.
There was the $625 million loss in the Ronin Bridge, then the $80 million theft that happened to Qubit Finance. More recently, Euler Finance also lost $196 million to a flash loan attack in March. So, it is clear that security challenges persist in the sector. But the reason for the challenges is not exactly unknown.
Recall that DeFi allows for financial transactions to occur on the blockchain without intermediaries. The decentralization bit and lack of clear regulation are what make DeFi vulnerable to various types of hacks to date.
However, DeFi generally has continued to evolve, showing impressive growth nonetheless. And so too must its security, if it is to enable a safer environment for users to navigate the ecosystem.