$7.6 million in stablecoins was withdrawn from the Rho Markets DeFi protocol due to a misconfiguration of the price oracle. An MEV bot withdrew the assets and returned them after the error was discovered.
The Rho Markets team reported that the DeFi protocol fully resumed operations after $7.6 million in user funds was withdrawn. It’s reported that all assets were successfully returned, and the incident wasn’t a hacker attack.
The protocol team recorded a price oracle manipulation on July 19 that resulted in the withdrawal of USDC and USDT stablecoins. The incident was made possible by an error in the oracle that allowed the MEV bot to profit.
The organization behind the MEV bot said it’s ready to return all assets to users, but the protocol team must admit that it wasn’t an attack or exploit but a configuration error. The Rho Markets team thanked the community and users for their support and promised to strengthen measures to prevent similar incidents. In particular, Rho Markets talked about engaging third-party developers to conduct data monitoring and auditing of smart contracts.
According to DefiLlama, the TVL of Rho Markets decreased by 54% due to the incident — from $51 million to $23.4 million.
Last week, hackers were highly active. In addition to Rho Markets, the affected projects include the crypto exchange WazirX, from which more than $230 million was withdrawn, and the Li.Fi protocol with a $10 million exploit.
