Fantasm Finance DeFi Project Exploited for $2.6 Million

This week’s attack on Fantom Network-based synthetic asset protocol Fantasm Finance saw the loss of US$2.6 million worth of Ethereum. The stolen funds were run through the Tornado cash mixing service and totalled 1,007 ETH.

According to the protocol’s Medium page, the team will conduct a postmortem and consider all compensation options for victims.

Another Day, Another DeFi Hack

The address of the attacker shows the extent of the theft, with 1.8 million FTM remaining in the pool for redemption:

Since the March 9 exploit, the attacker has been using Tornado cash to mask transactions. Tornado Cash is a service that breaks the link between source and destination addresses, thereby obscuring the transaction history.

Attacks on DeFi Remain Rife

The crypto space and DeFi, in particular, have been under attack by hackers seeking to exploit protocols. The reason for the frequency with which new projects launch without undergoing a security audit makes them very vulnerable to attackers. In January, Algorand-based DeFi platform ‘Tinyman’ was exploited for US$3 million. The team at Algorand quickly tweeted it it had been compromised and pulled the remaining liquidity from the project.

The most recent DeFi attack prior to Fantasm targeted Polygon DeFi protocol QiDao’s Superfluid vesting contract, draining US$13 million. User funds on QiDao however remained safe, as the exploit was “solely on Superfluid”, according to the Polygon-based DeFi protocol.