\n
![](\"https:\/\/images.cointelegraph.com\/cdn-cgi\/image\/format=auto,onerror=redirect,quality=90,width=840\/https:\/\/s3.cointelegraph.com\/uploads\/2023-08\/a22c2880-31ad-467e-8a59-54602f3bb4ae.jpg\")
<\/p>\n
\n<\/p>\n
Decentralized finance (DeFi) protocols Exactly and Harbor were exploited on Aug. 18 in two separate \u2014 and apparently unrelated \u2014 attacks, according to blockchain security firms DeDotFi and PeckShield.<\/p>\n
On-chain data reveals 4323.6 Ether (ETH<\/a>), worth nearly $7.3 million at the time of writing, had been stolen from Exactly Protocol. The hackers then bridged 1490 ETH using the Across Protocol, and 2,832.92 ETH to the Ethereum network via Optimism Bridge. <\/p>\n Update: After a thorough review of the Exactly Protocol Hack, we have concluded that the total of stolen amount up to date is ~$7.2M (4323.6 $ETH<\/a>)<\/p>\n Eventually, they bridged ~1490 $ETH<\/a>, using Across Protocol, and 2,832.92 $ETH<\/a> to Ethereum via Optimism Bridge:\u2026 https:\/\/t.co\/s61ai1OEMd<\/a><\/p>\n \u2014 De.Fi ️ Web3 Antivirus (@DeDotFiSecurity) August 18, 2023<\/a><\/p><\/blockquote>\n Exactly is one of the crypto lenders on the Optimism network. Initial reports mentioned over 7160 ETH stolen, worth nearly $12 million, but were later revised to reflect a smaller amount missing. The attacker targeted the DebtManager periphery contract, according to Exactly: <\/p>\n “The attacker passed in a malicious market contract address, bypassing the permit check, and executed a malicious deposit function to steal assets deposited by users. Approximately $7.3M were stolen.”<\/p><\/blockquote>\n The protocol filed a police report and is trying to communicate with the attackers to return the stolen assets, its team noted on X (formerly Twitter).\u00a0<\/p>\n In another security incident, the interchain stablecoin protocol Harbor disclosed<\/a> being the victim of an attack that led to the loss of funds sitting on its stable-mint, as well as stOSMO, LUNA and WMATIC vaults. At the time of writing, the amount of crypto assets stolen remains unclear. Harbor is said to be working on tracing funds and estimating the total losses.<\/p>\n The attacks follow a number of security incidents across the DeFi ecosystem over the past few weeks. On July 30, a vulnerability on three versions of the Vyper programming language resulted in over $61 million stolen<\/a> from stable pools on Curve Finance. Other protocols compromised in the past days include Earn.Finance, with at least $287,000<\/a> worth of ETH stolen, in addition to $2.1 million in losses incurred<\/a> by Zunami Protocol due to another exploit.<\/p>\n Magazine:<\/strong> <\/em>DeFi Dad, Hall of Flame: Ethereum is \u2018woefully undervalued\u2019 but growing more powerful<\/em><\/strong><\/a><\/p>\n<\/div>\n\n