The decentralized finance (DeFi) sector faced another major setback this weekend as two protocols, Loopscale and Term Finance, suffered exploits totaling over $7 million in losses.
These incidents have fueled growing concerns about the vulnerabilities of DeFi platforms in 2025.
Loopscale Loses $5.8 Million in Major Exploit
On April 26, Solana-based Loopscale reported a significant security breach impacting its USDC and SOL vaults.
The exploit drained around $5.8 million, representing roughly 12% of the platform’s total value. Notably, this attack came just two weeks after Loopscale’s official launch.
Loopscale’s co-founder, Mary Gooneratne, confirmed that an attacker exploited the system by securing under-collateralized loans.
Investigations revealed that the root cause stemmed from an isolated issue in the platform’s RateX-based collateral pricing system.
However, Loopscale clarified that RateX itself was not compromised.
“The root cause of the exploit has been identified as an isolated issue with Loopscale’s pricing of RateX-based collateral. There is no issue with RateX itself related to this. Loss of funds explicitly affects depositors to SOL and USDC Genesis vaults,” Loopscale stated.
Following the breach, Loopscale temporarily halted all markets to assess the damage.
The platform has since resumed partial operations, enabling key functions like loan repayments, top-ups, and loop closures, while vault withdrawals remain restricted.
To recover the stolen funds, Loopscale offered a 10% bounty to the attacker and proposed a whitehat agreement.
The platform requested the return of 90% of the stolen assets and warned of legal action if the attacker did not respond by April 28.
“We agree to allow you to retain a bounty of 10% of the funds (3,947 SOL) and release you from any and all liability regarding the attack,” Loopscale added.
Loopscale is currently working with security firms and law enforcement agencies to manage the situation.
Term Finance Suffers $1.5 Million Liquidation Loss
Meanwhile, Ethereum-based Term Finance, a pioneer in scalable fixed-rate lending, also reported a security incident on April 26.
Blockchain security firm TenArmorAlert identified two suspicious transactions linked to Term Labs, resulting in losses of about $1.5 million.
“It appears that something is wrong with the liquidation. Someone spent a very small amount of ETH to liquidate over 586 Treehouse collateral,” TenArmorAlert stated.
Term Finance later confirmed that a faulty update to its tETH oracle caused the problem. Fortunately, no smart contracts were exploited, and the issue was contained within the tETH markets.
The platform assured users that all other funds remain secure and has committed to a full reimbursement plan for those affected.
These attacks contribute to a worrying trend in 2025, with crypto projects losing close to $2 billion this year.
High-profile incidents like Bybit’s $1.46 billion hack in February have shaken confidence across the industry.
Tim Haldorsson, founder of Lunar Strategy, questioned whether DeFi returns justify the ongoing exploit risks.
He suggested that DeFi yields might lag behind traditional investments like bonds once adjusted for hack-related losses.
“How safe is actually all this defi? We are chasing yield, but hack-adjusted is it actually better than just holding bonds,” Haldorsson questioned.
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.
