In response, the lending platform halted all markets and assured its community that no additional funds were in danger.
A security flaw in the Sturdy Finance decentralized finance (DeFi) protocol led to the loss of 442 Ether, or over $800,000. The attacker was able to siphon money from the platform by taking advantage of a flaw in the protocol’s flawed price oracle.
A suspicious transaction involving price manipulation was reported to Sturdy Finance by the blockchain security company PeckShield on June 12. at response, the DeFi protocol quickly halted all of its markets and assured customers that no additional monies were at danger.
![Attacker drains $800K from DeFi protocol Sturdy Finance image 90](https://i0.wp.com/nosisnews.com/wp-content/uploads/2023/06/image-90.png?resize=633%2C294&ssl=1)
![Attacker drains $800K from DeFi protocol Sturdy Finance image 90](https://i0.wp.com/nosisnews.com/wp-content/uploads/2023/06/image-90.png?resize=633%2C294&ssl=1)
The DeFi loan site reacted quickly, but PeckShield discovered that the attacker had successfully transferred the stolen ETH, totaling around $800,000, to the cryptocurrency mixer Tornado Cash. The security company determined that the exploit’s primary cause was a flawed price oracle.
Related: Attacker utilizes an illicit proposal to take control of Tornado Cash
Hackers used a method in the attack where they could call a function several times in a single transaction before the first function call was finished. This exploited the vulnerability and allowed the attackers to withdraw more money than was permitted.
![Attacker drains $800K from DeFi protocol Sturdy Finance image 91](https://i0.wp.com/nosisnews.com/wp-content/uploads/2023/06/image-91.png?resize=639%2C574&ssl=1)
![Attacker drains $800K from DeFi protocol Sturdy Finance image 91](https://i0.wp.com/nosisnews.com/wp-content/uploads/2023/06/image-91.png?resize=639%2C574&ssl=1)
In a second incident, con artists were able to take over eight Twitter accounts belonged to well-known members of the cryptocurrency community. Nearly $1 million worth of cryptocurrency was stolen as a result of these compromised accounts being used to advertise various cryptocurrency frauds. DJ Steve Aoki, Cole Villemain, the founder of Pudgy Penguins, and even crypto skeptic Peter Schiff all had accounts that were impacted.
Related: Scammers Hijack Crypto Twitter Accounts, Steal Nearly $1M: What You Need to Know