EraLend Publishes The Progress Of The Attack With 8 Suspicious Addresses

Key Points:

• EraLend’s zkSync protocol attacked, losing $3.4 million.
• Attackers dispersed funds across 3 blockchains, 8 addresses.
• The protocol seeks community help, and suspends operations temporarily.

EraLend, a prominent decentralized lending protocol operating on Layer 2 zkSync, was recently targeted in an unfortunate attack that led to a significant loss of $3.4 million.

The exploit, which involved manipulating the price of the oracle machine, affected the USDC mining pool, resulting in a loss of approximately $2.76 million. The incident has caused EraLend’s Total Value Locked (TVL) to experience a considerable decline.

In an official announcement, EraLend revealed that the attackers executed a sophisticated strategy by utilizing multiple bridges to disperse the exploited funds across various wallets on 3 different blockchains. Currently, the funds are distributed among 8 addresses, prompting EraLend to closely monitor their movements.

Upon discovering the security breach, EraLend promptly mobilized its resources and enlisted the support of various stakeholders, including bridges, security teams, exchanges, and law enforcement, to collaborate on a thorough investigation and trace the flow of the funds. The primary focus remains on recovering the stolen assets, ensuring the protection of the protocol’s 500,000 users.

The lending platform has taken immediate measures to mitigate the further impact. As a precautionary step, borrowing operations, USDC supply, and SyncSwap LP supply have been temporarily paused. Additionally, the interest rate for the USDC pool has been significantly reduced to safeguard borrowing positions from potential liquidation during this period of vulnerability.

EraLend’s priority is to safeguard its valued community, and the protocol is actively seeking assistance from its users and the wider community to aid in the recovery efforts. The platform urges anyone with relevant information to come forward and help in the investigation.

The attack comes as a setback for EraLend, which has played a significant role as one of the earliest-developed lending platforms in the zkSync Era ecosystem. Prior to the incident, the protocol had undergone an audit by security firm Peckshield to ensure its robustness.

Security analysts from BlockSec, who have been supporting EraLend in addressing the issue, confirmed the exploit and have been working closely with the platform to bolster security measures and prevent similar incidents in the future.

In response to the security breach, EraLend has temporarily suspended all USDC deposits and borrowing activities until further notice. Users are advised to remain vigilant and stay updated on the developments as the situation unfolds.

DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.