DeFi Protocol Prisma Finance Falls Victim to $10 Million Exploit

Hacker

The Prisma Finance hacker has commenced swapping the stolen funds to ETH.

Popular decentralized finance (DeFi) platform, Prisma Finance, has been compromised in an exploit resulting in the loss of approximately $10 million worth of crypto assets. The incident has raised concerns about the security of DeFi protocols. 

Prisma Finance Exploited For $10 million 

On-chain security alert provider Cyvers was the first to detect the anomaly on March 28. 

“Our system has detected multiple suspicious transactions with @PrismaFi and are still ongoing. The total loss so far is around $9M. The attacker has been funded by @FixedFloat! Our system has detected the malicious contract 2 min earlier than hack transactions,” the security provider said. 

The exploit targeted Prisma Finance’s smart contracts, allowing the attackers to siphon funds from the platform. According to the investigation, the attackers exploited a vulnerability in the platform’s code that enabled them to transfer funds from various liquidity pools and other protocol functions.   

Cyvers Alert Notification 

Following the initial alert, Cyvers quickly identified and detected an additional $1 million in fraudulent transactions, totaling the exploited funds to nearly $10 million. 

“The attack is ongoing, with the total loss now increased to ~3,257.7 $ETH (worth ~$11.6 million). To vault owners, please follow up on notifications from the official source and be cautious about scams,” Cyvers added.   

Shortly after the exploit, Prisma Finance, a DeFi liquidity staking protocol with over $222 million in TVL, announced that its core engineers and contributors would suspend the protocol and initiate an investigation. 

The DeFi platform also urged all users to revoke all connections to prevent further loss of funds. 

Prisma Finance Assures Users

The DeFi platform has reassured its users that measures are being implemented to enhance the security of its smart contracts and prevent similar exploits in the future.  

Additionally, Prisma Finance has committed to regularly updating its community about the ongoing investigation progress and actions taken to rectify the breach. 

Meanwhile, due to the recent event, other scammers are attempting to capitalize on the exploit. According to the official Prisma Finance announcement, a fraudulent Prisma Finance account with a golden badge strives to redirect users to a suspicious and dubious link.