The decentralized finance (DeFi) protocol, Loopscale, based in Solana, became this weekend the latest victim of a hacking attack in the digital currency ecosystem.
On Saturday, a malicious actor took a series of under-collateralized loans on the protocol, exploiting the vaults of tokens $USDC and $SOL for approximately USD $5.8 million, indicated Loopscale co-founder Mary Gooneratne on X.
Launched at the beginning of the month, Loopscale is a DeFi lending protocol designed to improve capital efficiency by directly matching lenders and borrowers. It differs from other lending protocols like Aave or Solend, which aggregate cryptocurrency deposits into liquidity pools and offer more predictable terms.
In 2021, the project raised USD $4.25 million from Solana Labs, Coinbase Ventures, and other venture capitalists. At that time, it was known as Bridgesplit, and proposed a yield product based on non-fungible tokens (NFTs), as recalled by The Block.
The protocol was audited by OShield, which found several critical vulnerabilities when it conducted the audit between January and February of this year, and reportedly, another audit by Sec3 is in progress, according to coverage. Loopscale's online documentation details that the project 'has been audited and is currently undergoing additional audits. All critical and high-risk issues identified have been resolved.'
Loopscale initially restricted the features of its platform on Saturday, including refunds and loans, but then re-enabled them overnight as developers addressed the incident.
Another hack in cryptocurrency
The hacking attack joins the growing list of cryptocurrency incidents in 2025. So far this year, the space has seen hackers steal over USD $1.4 billion in an attack against the exchange Bybit, USD $7 million in an oracle exploit on the DeFi platform KiloEx, approximately USD $5 million from an airdrop admin account of ZKsync, among others.
By the first quarter of 2025, losses of over USD $1.7 billion were reported in the cryptocurrency sector due to hacks, exploits, scams, fraud, and more, according to a report by Finbold.
This week, the team from $XRP Ledger said it thwarted a 'catastrophic' attack that injected malicious code into the developer kit.
