coin-img-ETHETH-1.13%coin-img-BTCBTC+0.01%coin-img-SOLSOL+2.84%coin-img-XRPXRP+3.39%coin-img-TOMTOM+2,332.03%coin-img-BENZBENZ+17.30%coin-img-USDCUSDC+0.00%coin-img-DOGEDOGE+2.91%coin-img-ETHETH-1.13%coin-img-BTCBTC+0.01%coin-img-SOLSOL+2.84%coin-img-XRPXRP+3.39%coin-img-TOMTOM+2,332.03%coin-img-BENZBENZ+17.30%coin-img-USDCUSDC+0.00%coin-img-DOGEDOGE+2.91%coin-img-ETHETH-1.13%coin-img-BTCBTC+0.01%coin-img-SOLSOL+2.84%coin-img-XRPXRP+3.39%coin-img-TOMTOM+2,332.03%coin-img-BENZBENZ+17.30%coin-img-USDCUSDC+0.00%coin-img-DOGEDOGE+2.91%coin-img-ETHETH-1.13%coin-img-BTCBTC+0.01%coin-img-SOLSOL+2.84%coin-img-XRPXRP+3.39%coin-img-TOMTOM+2,332.03%coin-img-BENZBENZ+17.30%coin-img-USDCUSDC+0.00%coin-img-DOGEDOGE+2.91%

Rhea Finance Suffers Suspected $7.6M Exploit Involving Fake Tokens and Oracle Manipulation

Rhea Finance has reportedly been hit by an exploit, with blockchain security firm CertiK estimating that at least $7.6 million has been siphoned from the protocol. CertiK flagged the incident on 16 April, citing early indications that the attacker used fake token contracts to manipulate liquidity pools. Rhea Finance had not issued a public statement at the time of writing. CertiK said the attacker deployed fraudulent token contracts and supplied liquidity to newly created pools. The activity may have distorted the protocol's oracle and validation checks, enabling the extraction of funds. Such attacks typically hinge on skewing price feeds or liquidity signals so that the protocol misprices assets relative to their real market value. While full technical details have not been confirmed, the pattern aligns with a form of oracle manipulation, a recurring risk across decentralized finance. CertiK's estimate puts losses at about $7.6 million so far, though the number could shift as additional onchain data is reviewed. DefiLlama data shows Rhea Finance holds roughly $128 million in total value locked (TVL), indicating the reported drain represents a meaningful share of available liquidity. Onchain tracking shows the attacker moving assets through multiple addresses, a common step used to complicate transaction tracing after exploits. With no public update from the team, details around the exploit's scope, any containment measures, and potential recovery plans remain uncertain. The incident underscores ongoing exposure for DeFi protocols to attacks that exploit weaknesses in liquidity and pricing mechanisms, especially where systems depend on external data inputs. Final Summary Rhea Finance is reported to have lost $7.6 million in a suspected exploit in which an attacker used fake tokens and new liquidity pools to manipulate oracle mechanisms. With the team yet to comment, the full impact and any recovery efforts remain unclear as investigations continue.
Selected
RHEA
RHEA+0.00%
Disclaimer: The content above is only the author's opinion and does not represent BingX’s stance. It shall not be construed as investment advice from BingX. For details, refer to the Terms and Conditions.