A new DeFi protocol disappeared with $1 million worth of users' money
Date: 2023-06-28 Author: Karina Ziganova Categories: IN WORLD
Chibi Finance, a DeFi project on the second-tier network on Arbitrum, allegedly stole $1 million worth of tokens shortly after launch. This was reported by security analysts CertiK.
The developers of the project deployed a malicious contract that allowed them to steal user funds from Chibi smart contracts. According to an on-chain analysis, 555 ether (ETH) totaling about $1 million was withdrawn from liquidity pools.
The Chibi Finance team withdrew the tokens placed by users on their platform and converted them to ETH. After that, the funds were sent from the Arbitrum network to Ethereum and routed through the Tornado Cash cryptocurrency mixer.
After the money was withdrawn from the liquidity pools, Chibi Finance's social networks also became inactive. The project's Twitter and Telegram accounts have stopped working, and the project's chibi.finance website is no longer available.
The price of the project's native token, CHIBI, fell by 99.2%, to $0.01, within hours of the incident. A day earlier, the maximum price of the token was $1.62.
The Chibi Finance team scam is another example of rug pull in the DeFi space. Last month, the developers of the Arbitrum project, Swaprum, disappeared with nearly $3 million just weeks after it was audited by auditor CertiK. Later it turned out that the project team regularly used Tornado Cash for money laundering. Immediately after the incident, Swaprum deleted all social media accounts.
Prior to that, in April, the decentralized exchange (DEX) Merlin closed after withdrawing user funds in the amount of $2 million. Representatives of Merlin confirmed the hack, but did not specify what exactly allowed the hackers to pull off the attack. At the same time, community members suspect Merlin developers themselves of deceiving. The crypto exchange was audited by CertiK, which did not express concerns about the reliability of the platform.
