Loopscale Recovers $5.8M in Full After Exploit Deal With Hacker

• Loopscale got back $5.8m after a hacker took just 10% of the stolen amount and reportedly returned the balance.
• The exploit targeted a pricing vulnerability in RateX PT tokens but did not impact borrowers or loopers.
• Loan repayments were resumed, although withdrawals are still frozen.

Loopscale has fully recovered $5.8 million lost in a recent exploit after striking a deal with the attacker. The decentralized finance platform stated that all the user deposits were refunded within 72 hours of the leakage.

The exploit happened on April 26 and affected Loopscale’s RateX PT token pricing mechanism, resulting in a loss of 5.7 million USDC and 1,200 SOL. These affected stocks were associated with USDC and Solana vaults. As reported by the team, the loopers and borrowers were not affected.

Loopscale was prompt in its response to the attack by halting markets and engaging with the attacker onchain. A proposal was made to return 90% of the coins and to get a 10% whitehat bonus for free from legal prosecution. The hacker accepted.

Loopscale received the final 19,999 SOL at 3:30 AM EST on April 28, marking the successful fund recovery. This bounty was estimated to be around 3,947 SOL at the current rates. Subsequently, the lending mechanism allowed for loan repayment and loop-closing again.

Vault withdrawals have been frozen for further deliberation after being suspended for a while. The team is preparing a detailed report on how the attempt was made and how such loopholes are to be avoided in the future.

Whitehat Outcome Gains Industry Praise

The decision to make the bounty whitehat helped to prevent further harm for a long time. Mary Gooneratne, one of the co-founders, also attributed the support from the overall crypto market to keeping Loopscale afloat through the turbulent period.

She pointed out that the resolution is only possible because of timely engagement between the Solana and decentralized finance communities.

Term Finance Hit by Liquidation Glitch

While Loopscale recorded a good recovery, Ethereum-based Term Finance was equally sad after losing $1.5 million due to a faulty update from the oracle. Blockchain security firm TenArmorAlert reported this incident through two linked transactions, both related to Term Labs.

The exploit was not caused by a vulnerability in smart contract. Instead, a flawed tETH oracle led to the wrong liquidation action. This allowed one particular user to sell more than 586 Treehouse collateral positions for ETH.

Term Finance acknowledged the incident, explaining that it had occurred in the tETH market. Other funds were not affected. The company stated to the users that it would cover all the losses and has already started making the necessary adjustments.

These events associated with Loopscale and Term Finance show that the most significant dangers are looming over DeFi and all other crypto platforms. Blockchain security company PeckShield reported that more than $1.6 billion in digital assets were lost in Q1 of 2025.

One such attack, $1.5 billion stolen from Bybit in February, for instance, contributed more than 90% of such losses. That attack was attributed to the North Korea-sponsored Lazarus Group, which has been associated with several big-name cyber-attacks on cryptocurrencies.