The tweet was deleted by the author.
But we saved everything 🙂.
DeFi protocol Summer Finance, also known as Summer.fi, was hit by a $6 million attack, according to onchain analysts.
Blockchain security firm Blockaid first flagged the incident early Monday morning. Other analysts later shared additional details of the attack.
Cyvers wrote on X that the attacker apparently exploited a vulnerability in the share accounting mechanism through price manipulation. After that, the attacker swapped the stolen $6 million into the DAI stablecoin and transferred the funds to an address under their control.
CertiK said the attacker used a $65.4 million flash loan to obtain $70.9 million during the redemption process. To do this, the attacker manipulated how Summer.fi’s Lazy Summer Protocol accounted for assets in its vaults.
Lazy Summer Protocol is an automated yield optimization system. It uses AI keepers to dynamically allocate and rebalance user deposits across various high-yield lending platforms.
According to CertiK, the attacker was able to withdraw $70.9 million after a $64.8 million deposit by manipulating the totalAssets() accounting in the FleetCommander contract across several vaults. The Silo: Varlamore USDC Growth vault played a particularly important role, as the attacker had accumulated its tokens in advance and then transferred them to Ark.
FleetCommander is a smart contract that manages the vaults, while Ark connects a vault to a lending protocol.
Summer.fi has not yet confirmed the exploit through its official channels. The exact cause of the attack remains unknown.
The development of AI has made the work of cybercriminals noticeably easier. They no longer need to manually write complex malicious code, spend a long time crafting phishing messages, or spend weeks looking for weaknesses in infrastructure. AI tools help them analyze smart contracts faster, find vulnerabilities, generate convincing phishing emails, and create fake websites for crypto projects. As a result, attacks are becoming cheaper and faster, causing crypto companies multimillion-dollar losses.
Deepfakes have become a separate problem. Hackers use fake videos and voices of project founders, exchange executives, and well-known investors to deceive users and company employees. Such materials are used in fake token giveaways, investment scams, calls impersonating top managers, and attacks on project teams. For the crypto industry, this is especially dangerous because a single convincing message or fake call can lead to the leak of private keys, wallet access, or multimillion-dollar losses.
As a reminder, a vulnerability in Cardano’s SecondFi could have cost users more than $20 million.