Polter Finance, a decentralized non-custodial lending and borrowing platform, has been forced to halt its operations following a significant security breach on November 17, 2024. The platform, which provides decentralized financial services, was hit by a flash loan exploit that drained approximately $12 million in total value locked (TVL). The attack targeted the newly launched SpookySwap (BOO) market, with a faulty oracle price being identified as the likely cause of the vulnerability. The incident has prompted the platform to take immediate action, including notifying its investors and involving law enforcement.
According to Web3 security firm TenArmor, the exploit involved a price-related flash loan attack. However, Polter Finance has yet to confirm the exact mechanics of the hack. After tracing the stolen funds to wallets on the crypto exchange Binance, the platform issued a public message on X outlining its response to the breach. In a bid to recover the stolen assets, Polter Finance’s founder, pseudonymously known as Whichghost, reached out to the hacker through an on-chain message, offering the possibility of negotiation and even impunity in exchange for the return of the stolen funds.
Despite these efforts, skepticism has emerged within the community, with some speculating that the breach could involve insider activity. Critics pointed to the filing of a police report as a potential diversion from internal scrutiny, especially given the involvement of a newly deployed smart contract for the BOO token lending. The hack had initially targeted a market valued at just $3,000, raising further questions about the circumstances surrounding the attack.
To assist in the investigation, Polter Finance has partnered with the Security Alliance Information Sharing and Analysis Center (SEAL-ISAC), an organization focused on tracking down and mitigating cybersecurity threats in the blockchain space. The platform’s total market size before the hack was reported to be around $12 million, consisting of various cryptocurrencies, including Fantom (FTM), wrapped USD Coin (USDC), Magic Internet Money (MIM), and Stader sFTMX. As the investigation continues, Polter Finance is working diligently to trace the attacker and prevent further breaches.
