{"id":30695,"date":"2020-10-26T11:57:38","date_gmt":"2020-10-26T09:57:38","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=30695"},"modified":"2025-08-27T23:36:37","modified_gmt":"2025-08-27T20:36:37","slug":"hacker-drains-19-8m-from-harvest-finance-as-farm-price-falls-more-than-50","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/hacker-drains-19-8m-from-harvest-finance-as-farm-price-falls-more-than-50\/","title":{"rendered":"Hacker drains $19.8m from Harvest Finance as FARM price falls more than 50%"},"content":{"rendered":"<p>An unknown attacker <a href=\\\"https:\/\/etherscan.io\/tx\/0x53fae6f1d6b8a76a666a0bf7f9c724e6006465e544f89f1515b939d8911e8c58\\\" target=\\\"_blank\\\" rel=\\\"noopener noreferrer\\\">\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b<\/a> $24 million in stablecoins from Harvest Finance DeFi protocol pools to withdraw $19.8 million in renBTC. The project\\&#8217;s native token FARM fell by more than 50%.<\/p>\n<p>\\n<\/p>\n<p><!--more--><\/p>\n<p>\\n<\/p>\n<p>According to the developers, the hacker manipulated the prices of stablecoins in the DeFi protocol Curve, with which Harvest Finance interacts. It took seven minutes to withdraw funds from the platform. Some of the assets were routed through the Tornado Cash mixer.<\/p>\n<p>\\n<\/p>\n<blockquote class=\\\"twitter-tweet\\\" data-conversation=\\\"none\\\"><p>\\n<\/p>\n<p dir=\\\"ltr\\\" lang=\\\"en\\\">The economic attack was performed through the curve y pool, stretching the price of the stablecoins in Curve out of proportion and depositing and withdrawing a large amount of assets through harvest.<\/p>\n<p>\\n<\/p>\n<p>To protect users, we\u2019ve pulled y pool and btc curve strategy funds to the vault<\/p>\n<p>\\n<\/p>\n<p>\u2014 Harvest Finance (@harvest_finance) <a href=\\\"https:\/\/twitter.com\/harvest_finance\/status\/1320586738675388416?ref_src=twsrc%5Etfw\\\">October 26, 2020<\/a><\/p>\n<\/blockquote>\n<p>\\n<\/p>\n<p><script async src=\\\"https:\/\/platform.twitter.com\/widgets.js\\\" charset=\\\"utf-8\\\"><\/script><\/p>\n<p>\\n<\/p>\n<p>The team stated that it withdrew \\&#8221;100% of stablecoins and BTC from the Curve strategy funds\\&#8221; to the vault. Together with Ren Protocol it has identified the attacker\u2019s addresses \u2014 representatives of the project appealed to leading exchanges to block them.<\/p>\n<p>\\n<\/p>\n<blockquote class=\\\"twitter-tweet\\\" data-conversation=\\\"none\\\"><p>\\n<\/p>\n<p dir=\\\"ltr\\\" lang=\\\"en\\\">To be specific: to protect users, 100% of Stablecoin and BTC curve strategy funds have been withdrawn from the strategy to the vault.<\/p>\n<p>\\n<\/p>\n<p>\u2014 Harvest Finance (@harvest_finance) <a href=\\\"https:\/\/twitter.com\/harvest_finance\/status\/1320589153407508480?ref_src=twsrc%5Etfw\\\">October 26, 2020<\/a><\/p>\n<\/blockquote>\n<p>\\n<\/p>\n<p><script async src=\\\"https:\/\/platform.twitter.com\/widgets.js\\\" charset=\\\"utf-8\\\"><\/script>\\n<\/p>\n<p>\\n<\/p>\n<p>The Harvest Finance team also said that the attacker returned $2.47 million. It will be distributed among affected investors.<\/p>\n<p>\\n<\/p>\n<blockquote class=\\\"twitter-tweet\\\" data-conversation=\\\"none\\\"><p>\\n<\/p>\n<p dir=\\\"ltr\\\" lang=\\\"en\\\">The attacker sent back $2,478,549.94 to the deployer in the form of USDT and USDC.<\/p>\n<p>\\n<\/p>\n<p>This will be distributed to the affected depositors pro-rata using a snapshot<\/p>\n<p>\\n<\/p>\n<p>\u2014 Harvest Finance (@harvest_finance) <a href=\\\"https:\/\/twitter.com\/harvest_finance\/status\/1320604294190608385?ref_src=twsrc%5Etfw\\\">October 26, 2020<\/a><\/p>\n<\/blockquote>\n<p>\\n<\/p>\n<p><script async src=\\\"https:\/\/platform.twitter.com\/widgets.js\\\" charset=\\\"utf-8\\\"><\/script>\\n<\/p>\n<p>\\n<\/p>\n<p>Later, the platform developers said that they know not only the attacker\u2019s addresses but also have personal information about him. The hacker is \\&#8221;well known in the Bitcoin community.\\&#8221; The project has set a $100,000 bounty for the first person to contact him and help recover the funds.<\/p>\n<p>\\n<\/p>\n<blockquote class=\\\"twitter-tweet\\\"><p>\\n<\/p>\n<p dir=\\\"ltr\\\" lang=\\\"en\\\">\u26a0\ufe0fHarvest Finance\u26a0\ufe0f<\/p>\n<p>\\n<\/p>\n<p>\u2022 Still over $1 billion<br \/>\\n\u2022 Still anon team with admin key that can drain funds<br \/>\\n\u2022 Still unknown security of key<br \/>\\n\u2022 Still blocking me on Twitter<br \/>\\n\u2022 Still banning me from Discord<\/p>\n<p>\\n<\/p>\n<p>Response: Trust them cuz $1 billion is \u00abnot useful\u2026\u00bb and \u00abdon\u2019t bother us\u2026\u00bb <a href=\\\"https:\/\/t.co\/N443bnxkE9\\\">pic.twitter.com\/N443bnxkE9<\/a><\/p>\n<p>\\n<\/p>\n<p>\u2014 Chris Blec (@ChrisBlec) <a href=\\\"https:\/\/twitter.com\/ChrisBlec\/status\/1320375400141328384?ref_src=twsrc%5Etfw\\\">October 25, 2020<\/a><\/p>\n<\/blockquote>\n<p>\\n<\/p>\n<p><script async src=\\\"https:\/\/platform.twitter.com\/widgets.js\\\" charset=\\\"utf-8\\\"><\/script>\\n<\/p>\n<p>\\n<\/p>\n<p>As reported, the KuCoin exchange hacker <a href=\"https:\/\/u1f987.com\/en\/news\/kucoin-hacker-sent-5-million-in-ethereum-to-tornado-cash-mixer\">sent<\/a> 11,520 ETH (~$4.8m) to the Ethereum mixer Tornado Cash and managed to mix it in batches of 100 ETH, totalling 2,800 coins worth about $1.16m. The coins on Ethereum were converted via Uniswap and Kyber Network.<\/p>\n<p>\\n<\/p>\n<p>Follow ForkLog news on <a href=\\\"https:\/\/vk.com\/forklogcom\\\" target=\\\"_blank\\\" rel=\\\"nofollow noopener noreferrer\\\">VK<\/a>!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>An unknown attacker used $24 million in stablecoins from Harvest Finance DeFi protocol pools to withdraw $19.8 million in renBTC. The project\\&#8217;s native token FARM fell by more than 50%.<\/p>\n","protected":false},"author":1,"featured_media":30696,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1154,1093,1997,1314],"class_list":["post-30695","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-crimes","tag-defi","tag-harvest-finance","tag-tornado-cash"],"aioseo_notices":[],"amp_enabled":true,"views":"25","promo_type":"1","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/30695","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=30695"}],"version-history":[{"count":1,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/30695\/revisions"}],"predecessor-version":[{"id":30697,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/30695\/revisions\/30697"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/30696"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=30695"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=30695"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=30695"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}