Updated Post-Mortem Reveals Severity of Attack
On April 17, 2026, Rhea Finance released a detailed post-mortem revealing that the exploit on its lending protocol on April 16 drained approximately $18.4 million — more than double the initial estimate of $7.6 million, per The Block. The attacker manipulated liquidity pools and used a “deliberately constructed swap route” to open numerous margin trading positions, borrowing debt tokens and routing them into fake token pools while returning only negligible position tokens to the protocol, per. This left positions undercollateralized, triggering liquidations that depleted the protocol’s reserve pool, per.
Significant Portion of Funds Recovered or Frozen
Rhea reported that roughly $11.2 million in assets have already been returned or frozen. The attacker sent back 3.36 million USDC and 1.56 million NEAR (valued at approximately $3.5 million), while 4.34 million USDT has been frozen, confirmed by Tether CEO Paolo Ardoino, per. The protocol has paused the affected contracts and is working with exchanges and investigators to trace the remaining $5.6 million in stolen tokens, per. A compensation and recovery framework is being developed, though specific details have not yet been disclosed, per.
Response from the Community and Protocol
Aurora Labs and Near Intents co-founder Alex Shevchenko sent an on-chain message to the attacker, stating they had “identified you and your associated accounts” and urging the return of the remaining assets, per. The incident highlights ongoing vulnerabilities in DeFi lending protocols, particularly around margin trading and liquidity pool manipulation, per.
Market Context and Implications
The revised loss figure underscores the potential scale of sophisticated DeFi exploits even in established protocols. Rhea Finance has not yet detailed the exact compensation plan for affected users, but the team emphasized that the attack resulted in “realised losses within the protocol,” impacting both reserves and users, per. The broader crypto market, including Bitcoin and Ethereum, showed limited immediate reaction to the news.
