EraLend zkSync Lending Protocol Hit By $3.4M Reentrancy Attack

Crypto lending protocol EraLend saw $3.4 million as it experienced a read-only reentrancy attack. The team behind EraLend, a zkSync-based project, said that it had suspended all borrowing operations. 

The EraLend team announced that the attack had taken place on July 25, stating that it was “working tirelessly to address the situation and safeguard community interests.”

EraLend Hack Drains $3.4M From Platform

The EraLend team contained the threat, but not before the hacker made away with $3.4 million. The announcement states,

“We’ve experienced a security incident on our platform today. The threat has been contained. We’ve suspended all borrowing operations for now and advise against depositing USDC. We’re working with partners and cybersecurity firms to address this. More updates to follow.”

The attack used a read-only reentrancy attack to steal the funds. This allows the attacker to manipulate asset prices through repeated calls to the smart contract.

This can then be manipulated into what is effectively a theft of funds.

DeFi Hacks Keep Coming

EraLend is a decentralized lending protocol that operates on the Ethereum scaling solution zkSync. The protocol maximizes capital efficiency while limiting the risks associated with external liquidity and oracles.

The project claims that this allows “users to lend and borrow crypto assets more efficiently than any existing solutions in the market.” 

Users can also earn a variable interest on crypto deposits based on supply, demand, and smart contract-based interest rate models. It currently supports the USDC and ETH markets. Before the attack, the platform had reached a peak of about $18.5 million in TVL.

EraLend Hack Caused TVL to Fall. Source: DeFiLlama
EraLend Hack Caused TVL to Fall. Source: DeFiLlama

DeFi hacks are one of the biggest thorns in the crypto market’s side. In April 2023 alone, the amount lost to hacks and exploits crossed $100 million. Euler Finance was the most significant victim of the year, losing $197 million to a hacker. However, after negotiating with the team, the attacker returned all of the funds.

As such, security is of the utmost importance to teams. Chainalysis data claims that DeFi is responsible for a 60% rise in crypto hacks. And unless measures are enacted, this will not change.


In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content.

Source link

Be the first to comment

Leave a Reply

Your email address will not be published.