Sovryn, a decentralized finance protocol on the Bitcoin network, has lost more than $1 million in an exploit. The hackers used a price manipulation technique to exploit the proto
The exploit happened earlier this week, when the culprit stole more than $1 million worth of cryptocurrencies from the protocol. The stolen funds comprise 211,045 USDT and 44.93 RBTC.
A blog post from the DeFi platform on the matter said that the attacks targeted the Sovryn Borrow/Lend protocol, which affected the RBTC and USDT lending pools.
RBTC is a stablecoin like Tether (USDT). However, while USDT’s price is pegged to the US dollar, RBTC’s price is pegged to Bitcoin. The DeFi platform runs on Rootstock (RSK), a Bitcoin sidechain seeking to expand Bitcoin’s smart contract, decentralized application (DApp), and scaling capabilities.
The attackers withdrew part of the funds through the Sovryn AMM swap feature. Through this feature, the attacker managed to steal several tokens from the platform, with the recovery process for these funds still underway.
A spokesperson from Sovryn, Edan Yago, said this was the first successful exploit against the platform, even though it has been in operation for two years. He added that Sovryn was focused on security, being among the most audited DeFi platforms.
The attackers conducted this exploit by manipulating the price of iToken. iToken is an interest-bearing token representing the share of cryptocurrency a user holds within a lending pool. The price of the token is updated each time there is an interaction with a lending pool position.
How the attackers stole the funds
The attackers stole the funds from the protocol using a price manipulation technique. Under this technique, the attacker purchased wrapped RBTC (WRBTC) through a flash swap in RskSwap. The attacker borrowed additional WRBTC from the Sovryn lending contract using XUSD. XUSD, also a stablecoin, was used as collateral during the transaction.
The attacker later provided liquidity to the RBTC lending contract and closed their loan using a swap with XUSD as the collateral. They later redeemed and burned their iRBTC token and sent the WRBTC back to RskSwap to complete the flash swap transaction.
The attack involved manipulating the price of iToken so that the attacker could withdraw more RBTC from the lending platform than their initial deposit. Sovryn also said that the funds belonging to users were not affected by the attack. The Sovryn Treasury will also reimburse the missing funds within the lending pools to guarantee the safety of user funds.
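A monitoring check for the pattern described above, added here as an example and not taken from Sovryn's code or post: it flags an account that mints and burns iTokens in one transaction and redeems at a higher price than it deposited at. The event fields, account names, sample values and the tolerance are assumptions made for this sketch.

```python
from collections import defaultdict
from decimal import Decimal

# Constructed lending-pool events, not real chain data. Field names are assumed.
EVENTS = [
    # Ordinary same-transaction round trip: price unchanged.
    {"tx": "0xb1", "account": "alice", "pool": "iRBTC", "kind": "mint", "underlying": "50", "itokens": "49"},
    {"tx": "0xb1", "account": "alice", "pool": "iRBTC", "kind": "burn", "underlying": "50", "itokens": "49"},
    # Deposit and later withdrawal in different transactions: interest is expected.
    {"tx": "0xd1", "account": "bob", "pool": "iRBTC", "kind": "mint", "underlying": "10", "itokens": "9.8"},
    {"tx": "0xe1", "account": "bob", "pool": "iRBTC", "kind": "burn", "underlying": "10.2", "itokens": "9.8"},
    # Same transaction, but far more underlying redeemed than deposited.
    {"tx": "0xc1", "account": "mallory", "pool": "iRBTC", "kind": "mint", "underlying": "100", "itokens": "98"},
    {"tx": "0xc1", "account": "mallory", "pool": "iRBTC", "kind": "borrow", "underlying": "30", "itokens": "0"},
    {"tx": "0xc1", "account": "mallory", "pool": "iRBTC", "kind": "burn", "underlying": "140", "itokens": "98"},
]

def flag_same_tx_price_drift(events, tolerance=Decimal("0.0001")):
    """Flag (tx, account, pool) groups whose burn price exceeds their mint price."""
    totals = defaultdict(lambda: {"mint": [Decimal(0), Decimal(0)],
                                  "burn": [Decimal(0), Decimal(0)]})
    for e in events:
        if e["kind"] in ("mint", "burn"):
            slot = totals[(e["tx"], e["account"], e["pool"])][e["kind"]]
            slot[0] += Decimal(e["underlying"])
            slot[1] += Decimal(e["itokens"])
    alerts = []
    for (tx, account, pool), t in totals.items():
        (deposited, minted), (redeemed, burned) = t["mint"], t["burn"]
        if not (deposited and minted and burned):
            continue  # one-sided activity: nothing to compare within this tx
        # burn_price / mint_price - 1, cross-multiplied to avoid rounding error
        drift = (redeemed * minted) / (deposited * burned) - 1
        if drift > tolerance:
            alerts.append({"tx": tx, "account": account, "pool": pool,
                           "drift": drift, "excess": redeemed - deposited})
    return alerts

if __name__ == "__main__":
    for alert in flag_same_tx_price_drift(EVENTS):
        print(alert)
```

Interest cannot accrue inside a single transaction, so any positive drift between the mint price and the burn price there is worth an alert; withdrawals in a later transaction are deliberately left out of the comparison.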