How a Price Manipulation Attack Cost Loopscale $5.8 Million?

Published on: April 30, 20257 minutes

Author: QuillAudits Team

Loopscale is a lending and borrowing protocol on the Solana blockchain, which went mainnet on April 10, 2025, and recently lost $5.8M to a Price Manipulation Attack.

On April 26, 2025, at 15:28 UTC, the initial attack occurred, followed by subsequent attacks to drain the protocol lending vault. The loss comprised around 12% of the protocol’s TVL. The analysis covers the hack details, how it happened, the attack flow, and the funds lost.
 

Hack Analysis and Its Impact

Loopscale is an orderbook-based lending protocol that also offers leveraged lending positions to users called “Loop”. Loopscale supports a wide range of assets, including staked tokens, LP positions, and more.

The root cause of the attack was tied to the protocol’s pricing mechanism. Initially, the attacker deployed the program (BdADVdaAdDbFo85EP2ynEanQQMDDJgPyTZmAKtaHKRbK) to manipulate how Loopscale vault system prices the Rate X PT tokens.

image (11).webp

Using the mispriced tokens, the attacker then borrowed a series of loans that were backed by poor collateral (undercollateralized loans). Though it is important to note that the issue was with how Loopscale priced the RateX PT tokens and not the RateX itself.

image (12).webp

image (13).webp

Fund Flow Post Attack

Attacker Wallets

4QsqugQcrCuSVzU9WjeLDoR6HaaSZtMEZr5JCyxwHgCV (Loopscale Exploiter 1)

C1QyPYoWQiueqhtLeaG5Nhkv1LJ8oweBNCbfGJ3LprYT (Loopscale Exploiter 2)

0xc9d30E520Af584d0867FfC71DE162f1C09987Fe8 (EVM Wallet of Attacker)
 

Relevant Transactions/Signatures

3LcknBmavGUAMJvNMAc5xwsLqFaKs3vfguWsoTNYzpBv76B4ChiagitSHogpdMwWZpuKDV3a62uT4wXn2SvLZvGP

55dmSjy4Whjfqbfp8LwRduzTwz1fDeLu6aj8STqDXeiezZneNJwr2XiX3Qy7yWb2G2DL3d991ACD6sejNkQ7eH5Q


Initially, the USDC stolen was swapped with SOL and transferred to another wallet of the hacker.

image (14).webp

image (15).webp

Once the funds were swapped in SOL, the funds were bridged through Wormhole which were frozen later.

image (16).webp

image (17).webp

Return of Funds and Team Response

The team was quite active while blocking and tracing the funds. The team managed to contact the attacker, and after successful negotiations, the team was able to retrieve all the funds, including ~5.7M in USDC and 1,211 SOL, according to their tweet.
 

How the Hack Could Have Been Prevented?

The attacker manipulated the pricing logic of the protocol vault which led to siphoning of the funds from USDC and SOL vaults. A better pricing mechanism for the PT Tokens could have been a better approach here.

The protocol can use TWAP (Time-Weighted Average Price) for pricing assets to prevent such vulnerabilities.
 

Conclusion

Loopscale is a lending and borrowing protocol live on Solana, which got hit by a Price Manipulation Attack after 2 weeks of going live on Mainnet.

DeFi protocols are getting fairly complex. In the case of Loopscale, they have implemented leveraged lending products for the users to amp up the yields. With the increasing complexity, it is important to keep the security ahead and get robust audits done.

At QuillAudits, we make sure your smart contracts are fit to hit the mainnet with our 7 years of expertise & 1400+ audits. We also provide the auditing service for Solana-based Smart Contracts.

Loading...
Loading...
Loading...
Telegram