Crypto platforms have been the target of threat actors, with Prisma being just one of several platforms and exchanges that lost millions this year in system hacks. (Image: TheDigitalArtist/Pixabay)

KEY POINTS

  • PeckShield and Cyvers detected the exploit then tagged Prisma on X
  • Prisma's engineering contributors have since paused the protocol and an investigation is underway
  • A white hat reached out to Prisma for a 'rescue' attempt, as per CertiK

Decentralized liquid staking token protocol Prisma Finance (PrismaFi) has been exploited for $11.6 million, on-chain data monitored by blockchain security firms revealed. The protocol has since confirmed that the exploit affected several "users of individual vaults."

Blockchain security and data analytics firm PeckShield reported the exploit on X (formerly Twitter) on Thursday after it initially detected Ether (ETH) losses worth $8.1 million. About an hour later, PeckShield said the total loss had reached 3,257.7 ETH worth $11.6 million, based on current prices.

At around the same time as PeckShield's alert, Web3 security provider Cyvers said its system detected "multiple suspicious transactions with @PrismaFi and still ongoing." It also said the attacker was "funded by @FixedFloat," a cryptocurrency exchange that suffered losses of $26 million in Bitcoin (BTC) and Ether last month in a sophisticated hack. Cyvers' system revealed that the cyberattacks targeted smart contracts, which are self-executing contracts that are signed and stored on a blockchain network.

Soon after PeckShield and Cyvers' reports regarding the exploit, Prisma said in a series of posts on X it was "aware of a possible exploit," adding that its core engineering contributors would pause the protocol and look into the hack. "Please disable delegate approval," the protocol asked vault owners. It did not confirm or deny the total losses reported by PeckShield.

It also urged users of the protocol to "be careful with phishing links of all sort" and to trust only Prisma's official communication channels. The protocol has since been paused and "remaining funds are safe." PeckShield said the pilfered funds have been transferred to three addresses.

CertiK, another blockchain security firm, has since revealed that an address that received 757.69 ETH (approximately $2.6 million) from the Prisma exploiter sent an on-chain message to the protocol's deployer. "Hi, this is a whitehat rescue, who can I contact to refund?" the white hat wrote.

Prisma has yet to confirm if it has communicated with the supposed white hat – an "ethical" security hacker who uses hacking skills to identify vulnerabilities in a system. The protocol said it will provide a post-mortem report about the incident and will attempt to recover the stolen funds.

Prisma Finance is only one of several crypto platforms that lost millions in hacking incidents so far this year. Among them is decentralized finance (DeFi) trading platform Unizen, which lost some $2.1 million earlier this month after what blockchain security firms said was an exploit of the Unizen system's "external call vulnerability."

The cryptocurrency realm has been a target of threat actors for years, but there has been a surge in attacks on the industry in recent months. Many of the attacks are linked to private key leakages, as per a recent CertiK report regarding crypto exploits. The report noted that approximately $239 million worth of digital assets have been lost so far in 2024 due to private key compromises (PKCs).