Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Reproducible Foundry test fork from SunWeb3Sec/DeFiHackLabs. Clone the repo, run forge test against the file path above, and replay the exploit against a mainnet fork at the historical block. Use for reproduction only — not for live targets.
Arbitrum-based cryptocurrency lending platform Lodestar Finance was hacked and nearly $7 million in assets siphoned off, the attackers were able to manipulate the price of the plvGLP token, allowing them to use the inflated token to "borrow" the entirety of the Lodestar platform Liquidity available. Attack method (per SlowMist): Price Manipulation. Reported loss: $ 7,000,000.
- chain
- arbitrum
- protocol
- Lodestar Finance
- bug_class
- oracle
- date_occurred
- 2022-12-11
- loss_usd
- $7,000,000
- source_id
- sm:lodestar-finance::2022-12-11