Markets

Ethereum Layer 2 Scroll Stops Chain Finalization After Rho Markets Suffers $7.6M Breach

Published

6 months ago

on

Ethereum’s layer 2 network, Scroll, has delayed the finalization of its chain due to a potentially exploitable bug within its ecosystem.

On July 19, Rho Markets, a blockchain lending protocol, detected unusual activities and suspended operations to be investigated.

Notice from Blockchain Security Firm Cyvers reported a hack of approximately $7.6 million on Rho Markets’ USDC and USDT pools. The company stated:

“The root cause of this incident appears to be an access control to the oracle by a malicious actor!”

According to DeBank control PanelThe exploiter’s wallet contains 2,203 ETH worth $7.5 million and other assets such as Mantle’s MNT, Binance’s BNB, and Fantom’s FTM tokens.

In response, Scroll Network said it was delaying the finalization of its chain. The project stated:

“After checking with the Rho Markets team, we initiated a coordinated response. To carefully assess the situation, Scroll decided to temporarily delay the finalization of the chain. We confirmed that the exploit was application-specific.”

Meanwhile, Scroll’s decision has sparked a debate over the decentralization of the network. Critics argue that delaying the chain contradicts the decentralized principleswhile supporters believe the move was necessary to protect users’ assets.

Andy, the co-founder of The Rollup, declared:

“Until things are close to being fully decentralized, I think it’s fair to pause the finalization of the state to prevent user funds from being lost. Especially for an ecosystem project that is trying to innovate. I don’t know what that says about Scroll’s censorship resistance.”

Whitehat hacker?

Meanwhile, the attacker appears intent on returning the stolen funds, which suggests that the incident may have been a whitehat act.

On-chain messages shared by blockchain investigator ZachXBT show the attacker’s willingness to return the funds. The message law:

“Hello RHO team, our MEV bot profited from the misconfiguration of your price oracle. We know that the funds belong to the users and we are willing to return them in full. But first, we would like you to admit that it was a misconfiguration, not an exploit or hack. Also, tell us how you will prevent this from happening again.”

Specifically, on-chain data shows that the attacker’s address is linked to several centralized cryptocurrency exchanges, including Binance, Gate, KuCoin, and OKX.

Mentioned in this article

Fuente

Related Topics:

Leave a Reply

Your email address will not be published. Required fields are marked *

Información básica sobre protección de datos Ver más

  • Responsable: Miguel Mamador.
  • Finalidad:  Moderar los comentarios.
  • Legitimación:  Por consentimiento del interesado.
  • Destinatarios y encargados de tratamiento:  No se ceden o comunican datos a terceros para prestar este servicio. El Titular ha contratado los servicios de alojamiento web a Banahosting que actúa como encargado de tratamiento.
  • Derechos: Acceder, rectificar y suprimir los datos.
  • Información Adicional: Puede consultar la información detallada en la Política de Privacidad.

Trending

Exit mobile version