Raft Finance floats user bailout plan after odd exploit

An attacker stole 1,575 ETH from Raft, then burned 1,570 of it

by Macauley Peterson /
article-image

Profit_Image/Shutterstock modified by Blockworks

share

Raft Finance experienced a severe security breach on Friday when a hacker managed to exploit a vulnerability in the protocol, resulting in the loss of approximately $3.3 million in ether.

The protocol originated as a fork of Liquity that replaced ether with staked ether as the collateral source backing its stablecoin, R. The exploit caused R to deviate from its intended $1 peg.

That prompted the team behind Raft to confirm the vulnerability and pause further minting to prevent additional losses​​​​.

Newsletter

Subscribe to Blockworks Daily

According to a post-mortem blog post published Monday, the attacker was able to mint 6.7 million R, which was then swapped for 1,575 ether (ETH) causing R to de-peg.

Read more: Liquity aims to build on safety record with V2 using staked ether

In a surprising turn of events, the attacker then sent 1,570 ETH to a burn address, effectively removing it from circulation. This action left the hacker with only 7 ETH from the stolen funds.

Prior to the attack, the hacker’s address had received 18 ETH through a crypto mixer service, suggesting a level of premeditation and planning for the attack​​​​​​.

The circumstances of this attack are unusual, in that the large majority of the stolen funds were burned, leading to speculation about the attacker’s motives. The loss may have been accidental.

Loading Tweet..
Loading Tweet..

It’s not yet clear what comes next for the protocol and its users. Developers have promised an “in-depth recovery plan this week, outlining the steps to address the situation and provide redress for affected users,” the team said in its post-mortem statement.

“The Raft community will have the opportunity to provide feedback on the proposed recovery plan before it is concluded and the recovery plan is executed,” it said.

Raft issued a governance token (RAFT) in an airdrop on Oct. 11, intended to be staked to provide holders with voting rights over the protocol. The price of RAFT has plummeted about 60% since the exploit, per Coingecko.

Total value locked (TVL) in the protocol peaked in July at $64 million, and has been on a steady decline since, according to DefiLlama — just $1.48 million remains as of today.

Meanwhile, the formerly dollar-pegged stablecoin R is volatile with very limited liquidity on a handful of decentralized exchange markets. Although the developers have suspended the creation of new R tokens, users can still repay their R-related debts to retrieve collateral that is locked in the protocol.

Get the news in your inbox. Explore Blockworks newsletters:

  • Blockworks Daily: The newsletter that helps thousands of investors understand crypto and the markets, by Byron Gilliam.
  • Empire: Start your morning with the top news and analysis to inform your day in crypto.
  • Forward Guidance: Reporting and analysis on the growing intersection of crypto and macroeconomics, policy and finance.
  • 0xResearch: Alpha directly in your inbox. Market highlights, data, degen trade ideas, governance updates, token performance and more.
  • Lightspeed: Built for Solana investors, developers and community members. The latest from one of crypto’s hottest networks.
  • The Drop: For crypto collectors and traders, covering apps, games, memes and more.
  • Supply Shock: Tracking Bitcoin’s rise from internet plaything worth less than a penny to global phenomenon disrupting money as we know it.
Tags

Upcoming Events

Permissionless IV

Industry City | Brooklyn, NY

TUES - THURS, JUNE 24 - 26, 2025

Permissionless IV serves as the definitive gathering for crypto’s technical founders, developers, and builders to come together and create the future.If you’re ready to shape the future of crypto, Permissionless IV is where it happens.

buy ticketslearn more

Digital Asset Summit 2025

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

buy ticketslearn more

recent research

tg trading bot report graphic.png

Research

Telegram Trading Bots: Robinhood Without Borders

Telegram trading bots have found their primary niche in highly speculative token launches and retail-dominated memecoin markets, with many features specifically tailored to token sniping and copy-trading strategies.

by Danny K

/

news

article-image

0xResearch Newsletter

Can Ethereum win big with data availability?

Ethereum is hoping that increased DA will grow user demand — and its profits through DA fees

by Donovan Choy /
article-image

AnalysisSupply Shock

126 million BTC? How Bitcoin’s absolute scarcity was saved

11 years ago, Bitcoin contributors prevented a supply crisis… two centuries from now

by David Canellis&Pete Rizzo /
article-image

DeFiEmpire Newsletter

Paradigm’s Samczsun warns there’s ‘more to the DPRK than just the Lazarus Group’

Both samczsun and ZachXBT have issued warnings after the Bybit hack last month

by Katherine Ross /
article-image

PeopleSupply Shock

Investor who bought bitcoin at $5 says Saylor is making a $1.5B mistake

The investor criticized Michael Saylor’s plan to render his personal bitcoin holdings inaccessible to anyone else forever

by Pete Rizzo /
article-image

DeFiLightspeed Newsletter

Jupiter’s risk vault unlikely to face Hyperliquid-style attack

The exchange has structural defenses and protocols to limit manipulations

by Jeff Albus /
article-image

BusinessEmpire Newsletter

Exclusive: DeFi yield platform Upshift exits stealth

Upshift is being spun out of August, which raised $10 million earlier this month

by Katherine Ross /