DeFi loan agreement Lendf.Me confirmed to be under attack, the team reminded users not to deposit at this stage

The DeFi loan agreement Lendf.Me confirmed that it was attacked at 8:45 GMT and block height: 9989681. The technical team has located the problem and advised all users to stop depositing assets into the loan agreement on the web page. Data from DeFi Pulse shows that hedging assets fell 57% within a few hours. At present, the utilization rate of multiple funds on the platform has reached 99%, and the utilization rate of imBTC’s funds is 100%. The data on the chain shows that the attacker has transferred the assets to the Compound and Aave platforms. The analysis of the SlowMist security team found that it was similar to the attack on Uniswap yesterday, and it was most likely caused by the same group of people. Lendf.Me is a decentralized lending market agreement developed by dForce. 1 day ago, an attacker used ERC-777’s reentry vulnerability in the Uniswap liquidity pool contract to arbitrage the ETH-imBTC pool, causing losses to the liquidity pool provider. The decentralized trading platform Tokenlon announced the suspension of the transfer function of the imBTC contract. imBTC is a 1: 1 ERC-20 token anchored in Bitcoin.