Rho Markets, a lending protocol operating on the Ethereum layer two network Scroll, faced a challenging situation involving gray hat hackers resulting in a temporary loss of $7.6 million in user assets.
Security Breach Revealed by Gray Hat Hackers
Rho Markets disclosed suspicious activities on their platform and initiated an investigation after observing irregularities. Despite assuring users about the security of most token pools, it was confirmed that $7.6 million had been taken from the USDT and USDC pools due to a breach in the oracle control by the attackers.
Gray hat hackers attempted to return the stolen funds, mentioning that they utilized a price oracle misconfiguration to their advantage. They demanded acknowledgment of the misconfiguration and preventive measures from Rho Markets.
Rho Markets Recovers Assets and Enhances Security
Following the incident, Rho Markets confirmed the safety of user assets and announced plans to refund affected pools. They will also review all active supply accounts during the attack and resume services with heightened security measures in place.