Raft Hack Led To $6.7M In Uncollateralized Stablecoin R Being Minted

Key Points:

• Raft hack occurred resulting in $3.3 million loss in Ethereum on November 10.
• Attempt to manipulate stablecoin R results in a 70% drop in value; hacker unintentionally mints $6.7 million uncollateralized R.

On the evening of November 10, DeFi platform Raft fell victim to a sophisticated attack, resulting in a staggering $3.3 million worth of Ethereum (ETH) being withdrawn. The assailant targeted Raft’s stablecoin R, leading to a drastic 70% loss in its value.

Raft Hack Sees $3.3M Withdrawn and Unintended Consequences

An analysis by PeckShield revealed that the attack on Raft’s collateralized stablecoin protocol went awry for the hackers. Approximately $6.7 million worth of uncollateralized stablecoin R was minted, indicating a misjudged effort to exploit the system.

The hacker manipulated the rcbETH-c index of the collateral token, borrowing/minting $6.7 million worth of R and subsequently minting additional rcbETH-c to redeem the donation.

Hacker’s Miscalculation and Market Impact

Blockchain data uncovered that the attacker stole 1,577 ETH from the Raft hack, transferring 1,570 ETH to a burn address and leaving a mere 7 ETH. Prior to the attack, the hacker mixed 18 ETH through the Tornado Cash service, possibly to fund the operation. Despite transaction fees, the hacker’s wallet showed a net loss of 4 ETH.

Raft’s R stablecoin initially plummeted by 70% from its $1 peg but later rebounded to around 70 cents. Co-founder David Garai confirmed the security breach on X (formerly Twitter), explaining that hackers minted R, sold them to drain liquidity, and withdrew collateral from the Raft hack.

Raft, a DeFi lending platform, issues stablecoin R collateralized by ETH liquid staking derivatives such as Lido’s stETH, allowing users to utilize stETH as collateral to borrow R. The incident underscores the persistent challenges and risks associated with the evolving DeFi landscape.

DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.