Rho Markets saw a $7.6M exploit due to an Oracle access control vulnerability.
The exploiter offered to return the funds only if the team admits to a misconfiguration error.
Rho Markets has resolved the issue, with plans to restore affected balances and enhance security protocols.
An individual claiming responsibility for a $7.6 million exploit of lending protocol Rho Markets on the Scroll blockchain has offered to return the stolen funds, but with a catch. The individual is demanding that Rho Markets publicly acknowledge the incident as a misconfiguration rather than an exploit or hack.
We've detected unusual activity on our platform and are currently investigating it. During this time, we will be pausing the platform. Most of the pools are safe, so there is no need to worry. We will keep the community updated on the progress of our investigation. The platform…
— Rho Markets📜 | Rho.scroll (@RhoMarketsHQ) July 19, 2024
On Friday, July 19, Rho Markets acknowledged detecting unusual activity on its system and paused operations to investigate the matter.
According to blockchain security firm Cyvers Alert, the incident resulted in a loss of approximately $7.6 million from Rho Markets’ USDC and USDT pools. The report noted that a malicious actor exploited an Oracle access control vulnerability to execute the hack.
The exploiters, meanwhile, reached out to the RHO team via an on-chain message, acknowledging that their MEV bot had taken advantage of the price oracle misconfiguration. The exploiters took responsibility for their actions, stating that they understand the funds belong to the users and are willing to return them in full.
However, they attached a condition to their offer: they want the Rho Markets team to publicly acknowledge that the incident was not an exploit or a hack but rather a misconfiguration on their end. Furthermore, the exploiter is seeking assurances from the team on what measures they will take to prevent such an incident from recurring.
Crypto detective ZachXBT called attention to the exploiter’s message in a recent post on X.
Good news everyone the exploiter sent this message on-chain https://t.co/HA6YIgKalq pic.twitter.com/cRw56OtNTp
— ZachXBT (@zachxbt) July 19, 2024
Through a subsequent update, Rho Markets disclosed that the detected issue had been successfully resolved, with “no funds lost” in the process. The team noted they are now in the process of reassigning funds back to the borrow pools and outlined a three-step plan to ensure a seamless restoration of affected balances.
Dear Rho Fams,We are thrilled to announce that the issue has been successfully resolved, no fund get LOST, and we are currently in the process of reassigning funds back to the borrow pools.Moving forward, we have outlined the following three meticulously planned steps in… pic.twitter.com/4ZhlpxhBmn
— Rho Markets📜 | Rho.scroll (@RhoMarketsHQ) July 19, 2024
This includes identifying affected accounts, replenishing funds into the USDC/USDT/wstETH pools, and reinstating borrowing and transfer functionalities with enhanced security protocols. With the situation now under control, the Rho Markets team expressed gratitude for the understanding and support of its valued users during this time.
The post Rho Markets Recovers $7.6 Million in Stolen Funds, Exploiter Demands ‘Misconfiguration’ Tag appeared first on Coin Edition.