The DeFi sector has once again suffered a major blow in an attack targeted at yield farming protocol, Harvest Finance
News emerging this morning reveals that a hacker drained over $24 million from Harvest Finance, who are in the process of making the FARM token tank. According to CoinGecko, the platform’s native token plummeted by 65% less than an hour after the exploit. The details of the hack remain unclear at the time of press.
Analytics service provider, DeFi prime, corroborated news of the attack via Twitter saying, “Something shady is going on with Harvest Finance and huge arbs between Harvest and Curve. It’s a developing situation and needs to be monitored closely.”
The Harvest Finance team has been updating users with the specifics through twitter feed. It seems that the attack was targeted on its Curve y pool. The hacker is said to have cashed out almost all the stolen funds through renBTC and Tornado. The hack resulted in investors pulling out about $350 million from the protocol.
Harvest Finance’s social media team sent a post via Twitter reading, “We are working actively on the issue of mitigating the economic attack on the stablecoin and BTC pools, and will update in this thread in real-time as soon as additional details are available.”
Harvest Finance has undertaken security action to safeguard users on its platform.
“To be specific: to protect users, 100% of stablecoin and BTC curve strategy funds have been withdrawn from the strategy to the vault.”
At the moment, not much is known about how the attack happened or if it was a consequence of a smart contract code flaw. Harvest Finance claims that its smart contracts have been reviewed and evaluated by PeckShield and Haechi Labs.
Just like Yearn Finance, Harvest Finance pursues the highest earning pools to farm and is currently among the top 5 platforms. According to DeFi pulse, it had more than $1 billion in total value locked by the end of last week. This value has, however, started plunging as a result of the news of the attack.