Deus Finance Hack: An In-Depth Analysis of the $6.5 Million Loss

Deus Finance Hack: An In-Depth Analysis of the $6.5 Million Loss

Deus Finance, a decentralized finance (DeFi) protocol, just suffered its third major hack, resulting in a loss of around $6.5 million across the Arbitrum, BSC, and Ethereum networks. The DEI stablecoin, used as collateral for third-party instruments built on the Fantom protocol, also depegged by over 80%. This incident has raised serious concerns over the security and trustworthiness of the protocol, as it is the third time hackers have targeted Deus DAO. In this article, we will analyze the hack itself and past ones. 

Breakthrough of the Event

The hack on Deus Finance was due to a simple implementation error/bug in the DEI token contract, which was introduced during an upgrade in the previous month. The “burnFrom” function was misconfigured, with the '_allowances' parameters 'msgSender' and 'account' written into the contract in the wrong order. This error created a public burn vulnerability the attacker could exploit to gain control over DEI holders' approvals and transfer assets directly to their addresses.

The attacker's process involved the following steps:

  • First, the attacker identified an address with large amounts of DEI tokens.
  • Then, the attacker approved a large token allowance for the chosen DEI holder's address.
  • He calls the “burnFrom” function with an amount equal to 0 and the target address as a parameter. This action exploits the misordered parameters, allowing the attacker to update the approval to their own address and drain the holder's funds.
  • The attacker then calls the “transferFrom” function to move the drained funds to the attacker's address.

The attacker targeted the Arbitrum network, the Binance Smart Chain (BSC), and the Ethereum network, resulting in losses of approximately $5 million on Arbitrum, $1.3 million on BSC, and $135k on Ethereum.

Attacker’s address (Arbitrum): 0x189cf534de3097c08b6beaf6eb2b9179dab122d1 

Example attack tx (Arbitrum): 0xb1141785… 

Frontrunner address (BSC): 0x5a647e376d3835b8f941c143af3eb3ddf286c474 

Example attack tx (BSC): 0xde2c8718… 

Attacker’s address (Ethereum): 0x189cf534de3097c08b6beaf6eb2b9179dab122d1 

Example attack tx (Ethereum): 0x6129dd42…

As the vulnerability became public knowledge, some whitehats were able to step in and mitigate further damage. On the BSC, the exploit was front-run, and an on-chain message indicated the intent to return the stolen funds to Deus Deployer. Over $600k in USDC has been returned to a recovery multi-sig by another whitehats. Despite these efforts, questions remain about the trustworthiness of the thrice-hacked protocol and its ability to prevent future incidents.

Deus Finance's Response

Deus Finance acknowledged the hack and confirmed a multi-sig address for whitehats to return funds. They also mentioned a recovery plan for users who lost out in the exploit and contacted the attacker on-chain. However, given that the account was initially funded via Tornado Cash on BSC, the chances of recovering the funds look slim.

Previous Hacks and the Future of Deus Finance

This recent attack marks the third time Deus Finance has been targeted by hackers. In March 2022, the protocol suffered a flash-loan attack resulting in over $3 million in losses in Dai and Ether. In April 2022, another attack led to a loss of nearly $13.4 million, mainly in Ethereum.

These repeated incidents have raised questions about the security measures and practices of Deus Finance, and whether it can still be trusted after being hacked thrice. The future of Deus Finance remains uncertain, with investors and users likely to be wary of the protocol's ability to protect their assets.


The recent Deus Finance hack highlights the importance of robust security measures and thorough code audits in DeFi protocols. With increasing numbers of hacks and exploits in the DeFi space, it is crucial for projects to prioritize security and ensure that they are well-protected against potential threats. The future of Deus Finance hangs in the balance as the protocol works on regaining the trust of its users and investors following this latest attack.

Next generation threat prevention

Book a Demo

Next generation blockchain threat prevention

Identify patterns and anomalies across blockchains in real-time for proactive mitigation.

Book a Demo
Next generation blockchain threat prevention- Identifies patterns and anomalies across web3 in real-time for proactive mitigation.