Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Reproducible Foundry test fork from SunWeb3Sec/DeFiHackLabs. Clone the repo, run forge test against the file path above, and replay the exploit against a mainnet fork at the historical block. Use for reproduction only — not for live targets.
The stablecoin DEI launched by the DeFi protocol DEUS has been hacked, and the loss has exceeded $6.3 million. Over $5 million was lost on Arbitrum and $1.3 million on the BSC chain. This appears to be a public destroy bug. On May 7, one of the DEI hacker addresses (starting with 0xdf610228) returned about 1.07 million DAIs. on May 8, DEUS tweeted to confirm that the DEI attackers had returned 2,023 ETH. Attack method (per SlowMist): Contract Vulnerability. Reported loss: $ 6,300,000.
- chain
- bsc
- protocol
- DEI
- bug_class
- logic
- date_occurred
- 2023-05-06
- loss_usd
- $6,300,000
- source_id
- sm:dei::2023-05-06