DeFi lending protocol Inertia has reported a recent exploit that resulted in the loss of approximately $152,000 across multiple lending markets. The attack exploited a known vulnerability in the ERC4626 standard, allowing attackers to manipulate the price of roETH collateral and borrow assets from five Inertia lending markets. The affected markets included USDC, INIT, sINIT, TIA, and roTIA, with the attack lasting just over an hour.
Inertia's post-mortem revealed that attackers reduced the circulating supply of roETH by 99.7% and manipulated the exchange rate by transferring wstETH directly into the contract. This inflated the reported value of roETH from 1.234 stETH per token to nearly 33.75 stETH, enabling the attackers to drain assets. The protocol admitted that its oracle safeguards failed to prevent the exploit due to a lack of price deviation controls and secondary oracle validation.
In response, Inertia has restored affected user balances through its Insurance Fund and resumed lending operations. The protocol plans to enhance its risk management by overhauling its oracle architecture and collateral review framework, introducing multi-source oracle validation, and implementing stricter monitoring of liquid staking collateral assets.
Inertia Exploit Exposes ERC4626 Vulnerabilities, Drains $152,000
Haftungsausschluss: Die auf Phemex News bereitgestellten Inhalte dienen nur zu Informationszwecken.Wir garantieren nicht die Qualität, Genauigkeit oder Vollständigkeit der Informationen aus Drittquellen.Die Inhalte auf dieser Seite stellen keine Finanz- oder Anlageberatung dar.Wir empfehlen dringend, eigene Recherchen durchzuführen und einen qualifizierten Finanzberater zu konsultieren, bevor Sie Anlageentscheidungen treffen.