Rhea Finance Hit by $7.6M Exploit After Fake Token Pool Attack
The post Rhea Finance Hit by $7.6M Exploit After Fake Token Pool Attack appeared on BitcoinEthereumNews.com.
Rhea Finance lost at least $7.6 million after an incident that CertiK said affected the protocol. The attacker allegedly created fake token contracts and added liquidity to fresh pools, likely misleading the oracle and validation layer. Paolo Ardoino said Tether froze about $3.29 million USDT linked to the attacker. Rhea Finance suffered a suspected exploit that drained at least $7.6 million after an attacker appeared to have manipulated the protocol’s oracle and validation layer. The incident was first flagged by CertiK Alert on X, which said the attacker created fake token contracts and added liquidity in fresh pools, likely deceiving the system into approving unauthorized withdrawals. The exploit appears to center on a classic DeFi weakness. By seeding new liquidity pools with fraudulent token contracts, the attacker may have distorted the protocol’s pricing and verification logic long enough to move real assets out of the system. Reports on the incident say the stolen assets included USDC, USDT, ZEC, and NEAR. Fake Token Pools Tricked Core Protocol Checks The alleged method is notable since it did not rely on a simple private key compromise. Instead, the attacker appears to have exploited trust in the protocol’s internal validation process. CertiK’s description points to manipulated pool creation and liquidity injection as the trigger that misled the oracle and allowed assets to be extracted. Oracle and validation design remain among the most fragile parts of DeFi infrastructure. When a protocol accepts false liquidity or distorted pricing signals, attackers can create conditions where fake market data unlocks real funds. In Rhea Finance’s case, the use of fresh pools suggests the exploit targeted the system before those markets could mature or be stress-tested. Frozen Funds Reduce Part of the Damage Paolo Ardoino said Tether froze roughly $3.29 million in USDT linked to the attacker shortly after…
Filed under: News - @ April 17, 2026 1:25 am