Hackers Reportedly Drain $6 Million From DeFi Protocol Summer.fi

  • Blockaid flagged an exploit draining roughly $6 million from Summer.fi.
  • SUMR was down 5.3% today while major crypto assets traded higher.
  • The affected LVUSDC vault's displayed APY briefly spiked to about 2.08 million%.
Promo

Summer.fi has reportedly been exploited, with roughly $6 million drained so far. Blockaid flagged the exploit in a post on X on Monday.

The security firm published the attacker’s address, the exploit contract, and the affected Lazy Summer contracts. 

Sponsored
Sponsored

DeFi Protocol Summer.fi Reportedly Loses $6 Million in Active Exploit

Blockaid said its detection system surfaced the incident on Monday morning, estimating about $6 million in losses at that stage. The firm highlighted the on-chain addresses associated with the attack.

  • Exploiter address: 0x7BF716167B48CF527725722C6d79494b45B3BDCa
  • Exploit contract: 0x0514F827C129C16418a0933E03C99A6AF982FC61
  • Affected Summer.fi / Lazy Summer contracts:
    • 0x98C49e13bf99D7CAd8069faa2A370933EC9EcF17
    • 0xA9ca4909700505585B1aD2a1579dA3b670FFA9c4
    • 0xE9cDA459bED6dcfb8AC61CD8cE08E2D52370cB06

Security firm PeckShield identified the main affected vault as LazyVault_LowerRisk_USDC (LVUSDC), which Block Analitica risk-manages. The firm said that the vault’s displayed APY briefly spiked to about 2.08 million %.

“The largest current holder is 0x8741e8f…4130, which appears to be associated with Torben Jorgensen (UDHC), and has deposited ~8.6M USDC into this vault,” the post read.

Follow us on X to get the latest news as it happens

Sponsored
Sponsored

Summer.fi, formerly Oasis.app, is the front-end for the Lazy Summer Protocol, an onchain vault system that automatically routes deposits across DeFi yield sources like Aave and Morpho.

The network’s native token SUMR traded near $0.00193, down 5.3% over 24 hours. The move diverged from the broader market, which rose more than 1% on the day.

SUMR Token Price Performance
SUMR Token Price Performance. Source: CoinGecko

The incident marked the second crypto exploit recorded in July, according to DeFiLlama. It follows a series of attacks in June, when crypto platforms lost $75.87 million across 40 hacks, with the Humanity Protocol breach accounting for the largest loss.

BeInCrypto has reached out to Summer.fi for comment. This is a developing story.

Subscribe to our YouTube channel to watch leaders and journalists provide expert insights


To read the latest cryptocurrency market analysis from BeInCrypto, click here.

Disclaimer

BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.

Sponsored
Sponsored