An Account of the Recent White Hat Attack on DeFi Protocol

In the latest development in the world of Decentralized Finance (DeFi),, a DeFi lending protocol, fell victim to a white hat attack. The alleged ethical hacker behind the attack had managed to drain a whopping $1.6 million from the platform, forcing the service to halt borrowing while it attempts to recover its assets.

The attack, which took place on Mar-07-2023 at 08:21:38 AM +UTC, has caused significant concern among the DeFi community. According to Numen Cyber’s on-chain monitoring, the attacker siphoned 198 ETH, 541700 USDC, 16 WBTC, 8798 UNI, 50011 DAI, 36700 USDT, 24975 FRAX, and 16,203 LINK, causing the native token of the (TND) project to fall by over 30% before recovering slightly after the recovery of funds.

Timeline of Events confirmed an incident on March 7th that led to the depletion of funds after various community users raised concerns. took to Twitter to acknowledge the issue and announced that they were investigating an unusually high amount of borrows, which led to the depletion of funds. As a result, the platform temporarily halted all borrowing activities until the investigation was complete.

The native token of (TND) plummeted over 30% in response to news of a suspected black hat hacking incident. The market reacted swiftly, with investors reacting to the news of the platform’s loss of funds.

Vulnerability Details

The attack on has exposed a critical flaw in the platform’s smart contract code, specifically its price oracle, which allowed the attacker to exploit the system and make off with $1.6 million worth of cryptocurrencies. The attacker was able to obtain tGMX tokens by purchasing them with initial funds and then proceeded to borrow using the tETH.borrow method. However, the borrowing process had an error in the price calculation, specifically in the GMXPriceOracle.getUnderlyingPrice method.

The initial price was multiplied by both 1e20 and 1e10, resulting in a significant increase in the price of tGMX tokens. This allowed the attacker to borrow large sums of money, which eventually led to the loss of millions of dollars in funds for

Attacker’s address:


Transaction Details


Tenderfi has rewarded a bounty of 62 ETH, which is approximately 6% of the exploited funds, to the White Hat. This amount is consistent with the industry standard for rewarding white hats who find and report security vulnerabilities. The White Hat who discovered the exploit promptly notified the Tenderfi team, who then worked quickly to repay the exploited funds.

Following the transaction’s completion, took to Twitter to confirm that their funds were officially secure. The platform also announced that it would conduct a post-mortem analysis of the attack to identify areas of improvement and prevent similar incidents in the future. Their native token, TND has since bounced back slightly since the recovery of funds.


The swift and cooperative response from both the White Hat and the Tenderfi team is highly commendable. This type of collaboration between security researchers and blockchain companies is critical to creating a safer and more secure ecosystem.


More Posts