Polygon Lending Protocol, 0VIX has temporarily halted its lending and borrowing protocol after an exploit was detected which resulted in approximately $2 million worth of stablecoins being drained from the platform. The decision to pause the protocol was made to mitigate any further losses and investigate the issue. The exploit is believed to have occurred due to a vulnerability in a smart contract used by 0VIX. The platform has urged users to withdraw their funds as soon as possible and reassured them that their funds are safe if they are held on other platforms.
0VIX Lending Protocol on Polygon Exploited for $2 Million
0VIX, a lending protocol available on Polygon and Polygon zkEVM, has been targeted by hackers in a recent attack that reportedly caused a loss of at least $2 million. The protocol allows users to borrow against multiple stablecoins, derivatives of Ethereum and Polygon’s native MATIC token, as well as Aavegotchi’s staked token, vGHST.
According to Officer’s Notes, an independent security researcher, the attackers transferred $1.4 million in USDC and $600,000 in USDT via bridging protocol Stargate Finance as they attempted to transfer funds back to Ethereum and convert the stablecoins to ETH. In response, 0VIX temporarily paused the lending markets as they investigated the matter. The attack was carried out on the vGHST token.
PeckShield, a blockchain security and data analytics firm, reported that the attackers took out a flash loan of $6.12 million in stablecoins to manipulate the vGSHT lending pool on 0VIX. They then used the borrowed stablecoins to open vGSHT lending positions and manipulated the protocol’s price oracle. This caused Aavegotchi’s native token, GHST, to surge 24.7% in less than 30 minutes, according to CoinGecko.
The instant price surge of GHST caused the vGHST lending pool to become insolvent, and the attacker liquidated the pools, making off with the collateral. This type of attack is called a price oracle manipulation hack, which has become common in DeFi circles. Mango Markets on Solana and bZx exchange on Ethereum and BNB Chain were also hacked using the same technique for $100 million and $55 million, respectively.
To prevent these types of attacks, it is important for DeFi projects to have solid security measures in place. By working with experienced security partners and auditing their protocols regularly, DeFi projects can reduce the risk of attacks and protect their users’ funds. Stay updated with crypto news and get relevant information straight to your inbox by subscribing to our newsletter.