Rho Markets, a liquidity layer and lending protocol built on the Scroll network, has been compromised in an exploit draining over $7.6 million worth of cryptocurrencies. The stolen funds primarily consisted of USD Coin (USDC) and Tether USD (USDT), two major stablecoins pegged to the US dollar.
Upon detecting unusual activity, Rho Markets promptly halted platform operations to prevent further losses. They are yet to disclose details regarding the specific Oracle vulnerability or a potential timeline for resuming operations.Â
According to blockchain security firm Cyvers, the exploit stemmed from a vulnerability within Rho Markets’ oracle system. Oracles act as bridges between blockchains and external data sources, feeding crucial real-world information into smart contracts. In this instance, a malicious actor gained unauthorized access to the oracle, enabling them to manipulate data and siphon off crypto assets.
Scroll network acknowledged a potential exploit within their ecosystem after verification with the Rho Markets team. Both parties initiated a coordinated response, including a temporary delay in chain finalization for a thorough assessment. Scroll has since confirmed the exploit was isolated to the Rho Markets application and chain finalization has resumed.
Scroll’s acknowledgment of the exploit and their coordinated response with Rho Markets highlight a broader effort within the DeFi ecosystem to mitigate such attacks. The temporary delay in chain finalization, though disruptive, indicates a commitment to comprehensive investigation.
However, Scroll’s confirmation that the exploit was specific to the Rho Markets application suggests the core Scroll network remains secure. The DeFi community will be looking for concrete steps from Rho Markets to strengthen their Oracle infrastructure and prevent similar attacks in the future.
Also Read: WazirX Hack: Investor Funds in Limbo as $230 Million Vanishes