Details are thin on the ground at the moment, but reports are emerging that FinNexus is the latest victim of a decentralized finance (DeFi) exploit.
The decentralized options platform reported the incursion on its Twitter feed in the late hours of May 17. It called it a smart contract hack but industry experts have refuted the claim, suggesting it was a stolen private key for the administrator account.
“We regret to inform our traders and investors that the FinNexus erc20 contract appears to have been hacked. For safety reasons please withdraw your funds from the pools. The team is working on this issue and we will provide updates as they become available.”
DeFi analyst Chris Blec responded to the statement saying that the admin key was either stolen or used maliciously by a team member.
Stolen admin key or another DeFi rug pull?
Research analyst Igor Igamberdiev delved into the transactions and found that the FinNexus contract deployer changed the token owner to an address on Ethereum and Binance Smart Chain. This address minted 323 million FNX, worth approximately $6 million on Ethereum and 60 million FNX valued at roughly $1.6 million on BSC, and started dumping tokens.
The conclusion from the experts is that it has been a stolen admin key or rug pull.
Five hours after the original tweet, FinNexus had yet to elaborate on what exactly had happened:
“As the FinNexus team works to figure out the details of what happened, we kindly ask our users to:
– Withdraw all funds from all pools. (Where possible.)
– Refrain from buying the current FNX token on exchanges.”
FinNexus is a cross-chain DeFi protocol for writing options exposure for multiple assets from within a single collateral pool. It’s the fifth DeFi protocol to suffer an exploit this month following Spartan, Rari Capital, xToken, and bEarn.
FNX tokens dump 90%
At the time of press, FNX tokens had fallen off a cliff, dumping 90% over the past 12 hours according to CoinGecko. The decline was one sharp drop indicating that a huge chunk of the protocol’s token collateral had been liquidated at the same time during the incursion.
FNX was trading at around $0.35 before the exploit but crashed to $0.018 immediately after it before moving up a tiny amount to $0.038. Unless the protocol can compensate user for those losses it is unlikely that FNX will recover.