365int
Hackers Drain Millions Through Undercollateralized Loans
Solana-based DeFi protocol Loopscale has temporarily suspended its lending operations following a $5.8 million exploit. On April 26, attackers extracted approximately 5.7 million USDC and 1,200 SOL by executing a series of undercollateralized loans. The exploit affected Loopscale’s USDC and SOL vaults, representing about 12% of the platform’s total value locked (TVL).
Partial Functionality Restored Amid Ongoing Investigation
In response to the breach, Loopscale has re-enabled certain functionalities, including loan repayments, top-ups, and loop closing. However, other features, such as vault withdrawals, remain temporarily disabled as the team continues its investigation to ensure the exploit is fully mitigated. Co-founder Mary Gooneratne stated that the team is fully mobilized to investigate, recover funds, and ensure user protection.
Innovative Lending Model Faces Security Challenges
Launched on April 10, Loopscale introduced a unique order book model for DeFi lending, directly matching lenders and borrowers to enhance capital efficiency. The platform supports specialized lending markets, including structured credit and undercollateralized lending. Despite its innovative approach, the recent exploit underscores the security challenges inherent in DeFi platforms.
Broader Implications for the DeFi Ecosystem
The Loopscale incident adds to a series of security breaches in the DeFi space. In the first quarter of 2025 alone, hackers stole over $1.6 billion from exchanges and on-chain smart contracts, with more than 90% of those losses attributed to a $1.5 billion attack on ByBit by the Lazarus Group. These events highlight the critical need for robust security measures as DeFi platforms continue to evolve.
