Raft, a decentralized finance (DeFi) platform, was hacked on Wednesday, May 19, causing over $3.3 million in losses and crippling the project. According to reports, the hacker had access to an exploited smart contract and injected malicious code before swapping all the stolen tokens and draining the user’s funds.
The attacker managed to take over $830,000 worth of Ethereum (ETH) and $1.35 million worth of Tether (USDT) tokens, with the remaining $678,000 in DAI stablecoins. Shortly after stealing the funds, the hacker sent them to their own wallet address and then burned the majority of them, leaving only $517,000 worth of the funds unharmed.
Raft team was quick to respond by examining the incident, pausing the withdrawal and deposits functions, and informing victims of the hack. The affected users were offered to convert their stolen tokens to the USDT-ERC20 stablecoins.
The company has since put efforts into ensuring such events do not occur again by fixing the vulnerability and increasing security. Meanwhile, the attacker is still at large with a portion of the funds, yet the Raft team is determined to track the hacker down.