Prisma Finance Suffers $11 Million Hack Involving FixedFloat Exchange

Hassan Shittu
Last updated: | 2 min read
Prisma Finance Faces $9 Million Hack Involving FixedFloat Exchange

Prisma Finance, a leading decentralized finance (DeFi) protocol, was the victim of a sophisticated hack involving the FixedFloat exchange, which resulted in a loss of $9 million.

The protocol team has acknowledged the breach, and their engineers have already halted the DeFi protocol to investigate the attack.

Prisma Finance Hit by $11 Million Exploit, Security Firms Confirm

According to Cyvers, a Web3 cybersecurity firm that was the first to detect suspicious transactions involving Prisma Finance, the attacker, allegedly funded by FixedFloat, executed multiple transactions resulting in the theft of 1,965.39 wrapped staked Ethereum (wstETH), initially valued at around $9 million.

Blockchain security firm PeckShield confirmed the attack, indicating that Prisma mkUSD and wrapped stETH were among the stolen assets.

Subsequently, the attackers converted these assets to Ethereum (ETH), indicating a calculated and targeted approach to exploiting vulnerabilities in the platform.

Following the initial alert, PeckShield, in another alert on X, stated that an additional $1 million in fraudulent transactions was detected, bringing the total stolen funds close to $11 million, “the attack is ongoing, with the total loss now increased to ~3,257.7 ETH (worth ~$11.6 million).”

PeckShield urged vault owners to stay vigilant and follow official notifications to avoid scams. They also warned of other scammers attempting to exploit the situation, noting the presence of a fraudulent Prisma Finance account with a golden badge trying to mislead users with a suspicious link.

Prisma Finance Responds to Possible Exploit as DeFi Sector Continues to Face Challenges

In response, Prisma Finance engaged with its followers on X to provide an update on the situation. Prisma Finance stated that its core engineers and contributors would pause the protocol to conduct a thorough investigation. Moreover, Prisma urged its users to revoke all connections to prevent the loss of funds.

Notably, Prisma Finance is a decentralized liquid staking token protocol with a total value locked (TVL) of over $222 million, as reported by DefiLlama.

According to a Web3 bug bounty and security services platform Immunefi report, the crypto industry has clocked up $336.3 million in losses due to hacks and scams during the first quarter.

According to Immunefi, DeFi platforms, which account for nearly $100 billion of total value locked in web3 protocols, remain prime targets for hackers. Notably, all exploits identified by Immunefi in Q1 targeted DeFi, while centralized (CeFi) platforms experienced zero exploits during the same period.

Despite the significant losses, $73.9 million (22%) of the stolen funds were successfully recovered from seven exploits. Additionally, attacks decreased by 17.6%, from 74 in Q1 2023 to 61 in Q1 this year.

While the $336.3 million in losses represents a substantial figure, it marks a notable 23.1% decrease compared to losses of $437.5 million reported in the same quarter last year.