The decentralized lending agreement Lendf.me was attacked, slow fog said it was similar to the Uniswap attack

The DeFi loan agreement Lendf.Me was hacked, and DeFi Pulse data showed that the locked-up assets fell sharply by 57% in just a few hours. At present, the website has been unable to go online, and users report that they have been unable to withdraw assets. The data on the chain shows that the hacker transferred a lot of imBTC by snowballing, and each of them doubled the previous one. At present, the utilization rate of multiple funds on the platform has reached 99%, and the utilization rate of imBTC’s funds is 100%. Hackers have transferred assets to the two platforms Compound and Aave. The team stated that it is currently under investigation and reminded users not to deposit at this stage. The analysis of the SlowMist security team found that it was similar to the attack on Uniswap yesterday, and it was most likely caused by the same group of people. Lendf.Me is a decentralized lending market agreement developed by dForce. 1 day ago, an attacker used ERC-777’s reentry vulnerability in the Uniswap liquidity pool contract to arbitrage the ETH-imBTC pool, causing losses to the liquidity pool provider. The decentralized trading platform Tokenlon announced the suspension of the transfer function of the imBTC contract. imBTC is a 1: 1 ERC-20 token that anchors Bitcoin, injecting new vitality into the Ethereum ecosystem by anchoring Bitcoin.