Rhea Finance has been hit by a suspected exploit, with blockchain security firm CertiK reporting that at least $7.6 million has been extracted from the protocol. The incident was flagged on 16 April, with early findings suggesting the attacker manipulated liquidity pools using fake token contracts. At the time of writing, the Rhea Finance team has not issued a public response. Exploit linked to fake tokens and oracle manipulation According to CertiK, the attacker created fraudulent token contracts and added liquidity to newly formed pools. This activity likely misled the protocol's oracle and validation mechanisms, allowing the attacker to extract funds. Such attacks typically rely on distorting price feeds or liquidity signals. This enables attackers to exploit discrepancies between perceived and actual asset values within the protocol. While full technical details have yet to be confirmed, the reported method points to a form of oracle manipulation, a recurring vulnerability in decentralized finance systems. On-chain impact and platform exposure CertiK estimates that approximately $7.6 million has been drained so far, though the figure may change as more data emerges. Data from DefiLlama shows Rhea Finance currently holds around $128 million in total value locked [TVL], suggesting the exploit represents a notable portion of platform liquidity. The movement of funds has been tracked on-chain, with the attacker routing assets through multiple addresses, a common tactic used to obscure transaction trails following exploits. Team yet to respond as investigation continues Rhea Finance has not commented publicly on the incident, leaving details around the exploit, potential containment measures, and recovery efforts unclear. The lack of immediate communication places the focus on third-party tracking and on-chain analysis as the situation develops. The exploit adds to a growing list of attacks targeting DeFi protocols through manipulation of liquidity and pricing mechanisms. Also, it highlights persistent risks in systems reliant on external data inputs. Final Summary Rhea Finance has reportedly suffered a $7.6 million exploit, with attackers using fake tokens and liquidity pools to manipulate oracle mechanisms. With the team yet to respond, the full scope of the attack and potential recovery efforts remain unclear as investigations continue.
Rhea Finance hit by $7.6M exploit as attacker manipulates liquidity pools
This article was originally published on AMBCrypto and is republished here under RSS syndication for informational purposes. All rights and intellectual property remain with the original author. If you are the author and wish to have this article removed, please contact us at [email protected].
