DeFi lending protocol Inertia has reported a recent exploit that resulted in the loss of approximately $152,000 across multiple lending markets. The attack exploited a known vulnerability in the ERC4626 standard, allowing attackers to manipulate the price of roETH collateral and borrow assets from five Inertia lending markets. The affected markets included USDC, INIT, sINIT, TIA, and roTIA, with the attack lasting just over an hour.
Inertia's post-mortem revealed that attackers reduced the circulating supply of roETH by 99.7% and manipulated the exchange rate by transferring wstETH directly into the contract. This inflated the reported value of roETH from 1.234 stETH per token to nearly 33.75 stETH, enabling the attackers to drain assets. The protocol admitted that its oracle safeguards failed to prevent the exploit due to a lack of price deviation controls and secondary oracle validation.
In response, Inertia has restored affected user balances through its Insurance Fund and resumed lending operations. The protocol plans to enhance its risk management by overhauling its oracle architecture and collateral review framework, introducing multi-source oracle validation, and implementing stricter monitoring of liquid staking collateral assets.
Inertia Exploit Exposes ERC4626 Vulnerabilities, Drains $152,000
Aviso legal: El contenido de Phemex News es únicamente informativo.No garantizamos la calidad, precisión ni integridad de la información procedente de artículos de terceros.El contenido de esta página no constituye asesoramiento financiero ni de inversión.Le recomendamos encarecidamente que realice su propia investigación y consulte con un asesor financiero cualificado antes de tomar cualquier decisión de inversión.