Rho Markets, a decentralized lending protocol on the Scroll blockchain, recently faced a security incident that compromised its USDC and USDT pools. Despite the severity of the attack, Rho Markets has assured users that no funds were lost, thanks to quick actions and cooperation from the exploiters.
Security Breach and Initial Response
The incident was first reported by blockchain security firm Cyvers, which revealed that attackers had gained control of Rho’s oracle and siphoned $7.6 million from the protocol. The Scroll team responded by temporarily halting the finalization of the blockchain to assess the situation and prevent further damage.
Exploit Details and Negotiation
The exploiters, identified as the owners of a maximal extractable value (MEV) bot, contacted Rho Markets via an onchain message. They claimed the incident resulted from an oracle misconfiguration rather than a deliberate hack. The attackers offered to return the funds on the condition that Rho Markets acknowledged the misconfiguration and outlined steps to prevent future occurrences.
Rho Markets’ Assurance
Rho Markets swiftly announced that no funds were lost and began reallocating assets to the impacted borrow pools. The protocol emphasized its commitment to transparency and security, reassuring users of their funds’ safety.
Official Response Plan
To address the recent events, Rho Markets has outlined a comprehensive plan. The first step involves identifying accounts that actively supplied funds during the period when the oracle encountered issues. Next, they will replenish the funds into the USDC, USDT, and wstETH pools to restore affected balances seamlessly. Lastly, Rho Markets will reinstate borrowing and transfer functionalities while adhering to stringent security protocols to prevent future incidents.
Comparative Analysis
This incident comes on the heels of a more significant security breach affecting Indian crypto exchange WazirX, where over $230 million was stolen by attackers linked to the North Korean cybercrime group Lazarus. According to blockchain wallet tracker Spot On Chain, $200 million of the stolen funds were converted to ether. The contrasting responses between Rho Markets and WazirX highlight the varying levels of security and crisis management within the crypto industry.
Rho Markets’ proactive response and transparent communication have been critical in managing the fallout from the oracle exploit. By acknowledging the issue and working with the exploiters, Rho Markets successfully mitigated potential losses and reassured its user base. This incident underscores the importance of robust security measures and the need for ongoing vigilance in the rapidly evolving crypto landscape.