Decentralized exchange dYdX has utilized its insurance fund to compensate for losses of $9 million incurred as a result of a “targeted attack” against the exchange. The dYdX team revealed in a post on X (formerly Twitter) that the v3 insurance fund was deployed to address vulnerabilities in the liquidation process within the YFI market. Fortunately, no user funds were affected, and the team is currently investigating the incident. The v3 insurance fund still has $13.5 million remaining. According to dYdX founder Antonio Juliano, this attack was undeniably aimed at dYdX.
Dive into the Attack and its Impact
The Yearn.Finance (YFI) token experienced a massive surge of over 170% in the weeks leading up to November 17th, only to plummet by 43% on that day. It was during this time that the alleged attack targeted long positions in YFI tokens on the dYdX exchange, resulting in the liquidation of positions worth almost $38 million. Juliano suspects that both the trading losses incurred by dYdX and the significant decline in the value of YFI were the consequences of market manipulation.
To mitigate the risk of future incidents, dYdX has taken measures such as increasing margin requirements for “less liquid” markets like EOS, RUNE, and AAVE. Juliano has also pledged to conduct a comprehensive review of risk parameters and make necessary adjustments to both the v3 insurance fund and the dYdX Chain software.
Concerns over the YFI Market and Crypto Industry
The attack on dYdX and the subsequent drop in the YFI token’s market capitalization by over $300 million have raised suspicions within the community regarding a potential insider involvement in the YFI market. Some users allege that developers control 50% of the YFI token supply through 10 wallets. However, data from Etherscan suggests that some of these holders may be crypto exchange wallets rather than developer-controlled addresses.
Unfortunately, this incident is not isolated, as hacks and scams continue to plague the crypto industry. A report by blockchain security platform Immunefi reveals that there were 76 hacks on crypto and Web3 projects and firms in Q3 2023, a significant increase compared to the 30 hacks reported in the same period in 2022. The cumulative loss from exploits, hacks, and scams in September alone reached approximately $332 million, marking a record-high month for crypto exploits. Prior to the dYdX attack, the DeFi platform Raft also fell victim to a hack resulting in the loss of about $3.3 million in Ethereum (ETH). Interestingly, Raft’s hack was the second major crypto exploit that day, following an attacker draining around $114 million in digital assets from the centralized exchange Poloniex.