The dForce ecosystem has suffered a hacker attack, resulting in significant asset losses.

On April 19, the lending platform Lendf.Me in the dForce ecosystem was hacked, resulting in approximately $25 million in assets being illegally withdrawn. After the incident, the team took swift action, suspending the operation of related contracts and shutting down the website for investigation.

According to reports, hackers exploited a vulnerability in the ERC777 standard of imBTC assets to carry out a reentrancy attack. This method allows hackers to repeatedly use forged imBTC as collateral, thereby continuously borrowing funds.

The founder of dForce, Yang Minda, issued a statement after the incident, detailing the course of events and the team's response measures. He stated that the team detected abnormal trading activities through the internal monitoring system at around 9:15 AM Beijing time on April 19, and immediately took emergency measures.

Currently, the dForce team is collaborating with multiple parties to seek solutions:

1. Collaborate with top security teams to conduct a comprehensive security assessment of Lendf.Me.
2. Actively discuss feasible remedies with partners.
3. Work closely with major trading platforms, over-the-counter traders, and law enforcement agencies to recover stolen funds and track the Hacker's whereabouts.

Yang Mindao emphasized that this attack not only affected users and partners but also caused serious financial losses for himself and the entire team. Despite encountering such difficulties, he stated that the team would not give up easily and would continue to work hard to solve the problems.

The dForce team promises to provide the community with more detailed explanations and clarifications before the end of the day. This incident once again highlights the challenges that blockchain projects face in terms of security, and reminds industry professionals of the need to continuously strengthen security measures to prevent similar risks.