Decentralized finance (DeFi) protocol Tender.fi was exploited for $1.59 million due to a misconfigured oracle, allegedly by a white hat hacker, the platform said via Twitter on 7 March.
First to flag the exploit were smart contract auditor CertiK and blockchain analyst Lookonchain, and the incident was later confirmed by Tender.fi’s team, who said they had paused all borrowing on the platform while investigating an “unusual amount of borrows”. The attacker had also left an on-chain message — verified on the Arbitrum Blockchain Explorer — calling on Tender.fi to “contact me to sort this out”.
Tender.fi’s native token TND fell by more than 34% when the news got out, but started to recover after the protocol revealed it had made contact with the alleged white hat hacker — an individual who attacks a platform to find its flaws, before returning the funds — and is currently in discussions on how to remedy the situation.
Blockchain analyst Lookonchain went further into the exploit, explaining that the attacker used a misconfigured pricing oracle to borrow $1.59 million worth of assets from the Tender.fi protocol by depositing only 1 GMX token, which at current prices is valued at $71.