EasyFi Network Details $6M DeFi Hack in Latest Postmortem

Share Article
In Brief
  • EasyFi Protocol founder's computer compromised.

  • Liquidity pools drained via MetaMask.

  • EASY token dumps 50%.

  • promo

    BIT Launchpad: Up To 3,500 FREE BIT. Don’t Miss The Beat. Join Now!

The Trust Project is an international consortium of news organizations building standards of transparency.

The platform has released a postmortem detailing the incursion.The latest decentralized finance (DeFi) protocol to suffer at the hands of hackers is EasyFi.



In an April 20 blog post, founder and CEO of the EasyFi DeFi protocol, Ankitt Gaur, detailed an attack that resulted in the loss of as much as $6 million from its liquidity pools.

The incursion, which happened on April 19, was a targeted attack compromising the admin and mnemonic keys. This allowed the hacker to access funds and make off with almost 3 million EASY tokens.



“We gained validation to the initial reports about the targeted attack on the founder’s machine/MetaMask to access admin keys and execute the well-planned hack.”

Targeted DeFi hack

Gaur stated that he was first alerted to large transactions from protocol wallets. The hacker accessed existing liquidity in protocol pools in USD, DAI, and USDT in order to transfer 2.98 million EASY tokens to their wallet address.

He added that EasyFi smart contracts were not compromised. It was a targeted mnemonic hack upon Gaur’s own computer using a planned remote attack to access MetaMask.

“Since the machine was not used for daily operations and is used solely for the purpose of official transfers. The hacker waited for the right time to execute the hack in a well-planned manner.”

Gaur stated that most MetaMask attacks phish private keys or passphrases. However, in this instance, the computer was compromised and the wallets accessed directly from the hard drive.

He added that the tokens had yet to be sold due to liquidity restraints. Gaur offered a $1 million reward should the hacker return the funds in full.

The incident reinforces the premise that DeFi protocols are not really decentralized if the “CEO” still holds all the keys. It’s similar to the hack that targeted Nexus Mutual Founder Hugh Karp in December 2020. However, the $8 million was lifted from Karp’s personal wallet, not the protocol itself.

EasyFi is a Layer 2 DeFi lending protocol designed for digital assets powered by the Polygon (formerly Matic) Network. It launched on Binance Smart Chain in early April and partnered with PancakeSwap for yield farming incentives.

EASY token price crashes

EasyFi’s native token crashed almost 50% as the news broke, falling from around $26 to $13.50 in under 24 hours.

At the time of writing EASY had recovered marginally and was trading at $17.65.


All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.
Share Article

Martin has been covering the latest developments on cyber security and infotech for two decades. He has previous trading experience and has been actively covering the blockchain and crypto industry since 2017.

Follow Author

Market signals, studies and analysis! Join our Telegram Today!


Bit2Me ICO JUST STARTED! Buy B2M token now.

Buy now!

BIT Launchpad: Up To 3,500 FREE BIT. Don't Miss The Beat.

Join Now!