Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Reproducible Foundry test fork from SunWeb3Sec/DeFiHackLabs. Clone the repo, run forge test against the file path above, and replay the exploit against a mainnet fork at the historical block. Use for reproduction only — not for live targets.
Themis, a cryptographic lending protocol, has been subject to a prophecy machine manipulation attack, and the attackers have stolen approximately $370,000. The hack is due to a flawed oracle, exploited to inflate the B-wstETH-WETH-Stable-gauge price. Specifically, the deposit of 54.6 B-wstETH-WETH-Stable-gauge (obtained by joining the balancer pool w/ 55 WETH) is able to borrow 317 WETH, basically draining the lending funds. Attack method (per SlowMist): Oracle Attack. Reported loss: $ 370,000.
- chain
- —
- protocol
- Themis
- bug_class
- oracle
- date_occurred
- 2023-06-28
- loss_usd
- $370,000
- source_id
- sm:themis::2023-06-28