Harvest Finance Hacked for $24 Million, Puts Bounty on Alleged Attacker

Share Article
In Brief
The Trust Project is an international consortium of news organizations building standards of transparency.

According to reports on Oct 26. 2020, nearly $24 million in value has been siphoned from the liquidity pools of Harvest Finance, a major decentralized finance (DeFi) protocol.

Harvest Finance subsequently confirmed the hack, stating that the protocol is “working actively on the issue of mitigating the economic attack on the Stablecoin and BTC pools.”

According to the initial tweet, the attacker swapped the stolen crypto for renBTC (rBTC) and used Tornado Cash to mix with other funds. They also returned $2.5 million, the reason for which was not immediately clear.

In response to the breach, investors rushed to get their money out, and so far, appear to have pulled roughly $350 million from Harvest. According to CoinGecko data, the result has been a more than 50% drop in the value of FARM, the platform’s native token.

Such hacks are commonplace in crypto, but the aftermath of the alleged Harvest hack is somewhat unique. In a tweet not long after the incident, Harvest Finance announced that they had enough data to identify the attacker, who is “well-known in the crypto community.”

According to the tweet, Harvest has no interest in taking punitive action against the attacker, writing, “we are not interested in doxxing the attacker, your skill and ingenuity is respected, just return the funds to the users.”

The hack occurred just a day after DeFi analyst Chris Blec issued a warning about Harvest Finance. Blec’s main allegation was that Harvest administrators hold an admin key that could drain the funds inside the protocol’s smart contracts. Whether or not the admin key played a role in this situation remains unclear, although Harvest referred to the incident as a “flash loan economic attack.”

Neither Blec nor the project’s administrators responded to requests for additional comment. Harvest did, however, indicate that a more detailed explanation would be forthcoming, tweeting, “We will release a post mortem report within the next 16 hours, and work on future risk-mitigation strategies.”


All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.
Share Article

Colin is a writer, researcher, and content marketer with a keen interest in the future of money. His writing has been featured in numerous cryptocurrency publications, and his holdings don't amount to more than a handful of BAT.

Follow Author

Unlock Next-Level Trading Experience — Earn up to 8.88% APY      


Unlock next-level trading on Bybit with your favorite metaverse      


Bybit New Token Listing: Win In-Game NFTs and SIDUS Tokens.      

Win Now!