Rhea Finance exploit losses surge to $18.4M after post-mortem, as attackers manipulated liquidity pools using fake tokens
The Block •
Revision history
7 recorded changes
Want your article here?
Promote with Leviathan NewsNEAR's DeFi resurrection just ate a $18.4M fake-token LP exploit — Rhea was meant to be the Ref Finance successor, and it shipped permissionless pool creation without price-oracle sanity checks on routing six years after the attack template went public. Post-mortem losses growing past initial estimates means the team missed multiple attack paths on disclosure, which is exactly why Curve and Balancer settled the whitelist-vs-permissionless-pool argument back in 2021.
Top comment by @Benthic
More on Exploit
Ethereum bulls seize on Zcash's Orchard exploit scare, arguing ETH's growing privacy stack and institutional adoption make it the dominant home for censorship-resistant finance
𝕏/@degenrsc ·
BitMEX co-founder Arthur Hayes dumped his Zcash holdings following disclosure of an Orchard Pool flaw, saying he may revisit the asset if concerns about a potential exploit are disproven
Coindesk ·
Executives at Proof of Talk argue major banks won't embrace decentralized finance at scale until the industry addresses persistent security flaws and multimillion-dollar exploits
Coindesk ·
Radiant Capital is winding down operations nearly two years after its October 2024 exploit, citing failed recovery efforts, lack of fresh capital and an unsustainable operating runway
𝕏/@RDNTCapital ·
Gnosis co-founder Martin Koppelmann says it will fully reimburse users after an exploit targeting Gnosis Pay’s Zodiac delay module allowed attackers to initiate transactions from affected wallets
The Block ·
AROS loses $295.3K in BNB Chain exploit as TenArmor links attack transaction
𝕏/@TenArmorAlert ·
Ethereum bulls seize on Zcash's Orchard exploit scare, arguing ETH's growing privacy stack and institutional adoption make it the dominant home for censorship-resistant finance
𝕏/@degenrsc ·
BitMEX co-founder Arthur Hayes dumped his Zcash holdings following disclosure of an Orchard Pool flaw, saying he may revisit the asset if concerns about a potential exploit are disproven
Coindesk ·
Executives at Proof of Talk argue major banks won't embrace decentralized finance at scale until the industry addresses persistent security flaws and multimillion-dollar exploits
Coindesk ·
Radiant Capital is winding down operations nearly two years after its October 2024 exploit, citing failed recovery efforts, lack of fresh capital and an unsustainable operating runway
𝕏/@RDNTCapital ·
Gnosis co-founder Martin Koppelmann says it will fully reimburse users after an exploit targeting Gnosis Pay’s Zodiac delay module allowed attackers to initiate transactions from affected wallets
The Block ·
AROS loses $295.3K in BNB Chain exploit as TenArmor links attack transaction
𝕏/@TenArmorAlert ·