Rho Markets, a liquidity layer and lending protocol built on Ethereum's second-layer network Scroll, announced on Friday (19th) that it would suspend the operation of the platform due to the detection of abnormal activities. An information security agency stated that Rho Markets has suffered from vulnerability exploitation. Possible losses exceed $7.6 million. However, the attacker has expressed his willingness to return the funds through a message on the chain.

Blockchain security company Cyvers stated on the social platform that Rho Markets’ move to suspend platform operations seems to be because a malicious actor gained control of access to the oracle machine, and the affected liquidity pools involved US dollars such as $USDC and $USDT. Stablecoin. The attacker currently holds $7.6 million worth of assets across multiple chains.

ALERT@RhoMarketsHQ has announced that they have detected unusual activity on their platform on#Scrollchain and paused the platform!Root cause of this incident seems to be an oracle access control by a malicious actor!Affected pools are $USDC, $USDT. Currently,… https://t.co/3mgkGam7Pe

— Cyvers Alerts (@CyversAlerts) July 19, 2024

Rho Markets said the team is currently investigating and said most pools are safe. The Scroll team has also been informed of potential vulnerabilities in its ecosystem, writing on the X platform:

"After verifying with the Rho Market team, we initiated a coordinated response. In order to thoroughly assess the situation, Scroll decided to temporarily delay the final confirmation of the chain. We have confirmed that the vulnerability is for a specific application. Rho Market is currently leading the response, and we can There will be no further delay in final confirmation.”

Shortly after, on-chain detective Zach users and are willing to return it in full." However, the attackers want Rho Market to first admit that the incident was not an exploit or hack, but rather the result of an improper configuration of the platform. The attackers also asked Rho Market to explain how they would prevent a similar incident from happening again.

Source: ZachXBT

Source

#USDT #USDC