Loopscale Labs Loses $5.7 Million in DeFi Exploit, 12% of Assets Stolen

Loopscale Labs, a decentralized finance (DeFi) project, experienced a significant setback over the weekend when malicious actors exploited its pricing functions. The attack resulted in the theft of approximately $5.7 million in USDC and 1,200 SOL, which accounts for around 12% of the platform’s total assets. The exploit occurred just two weeks after the platform's launch, but the response from the DeFi community has been largely positive, praising Loopscale’s speed, professionalism, and commitment to user recovery.

Loopscale’s core functionality revolves around automating recursive leverage to enhance yield farming efficiency. The process, known as "looping," involves repeatedly borrowing and redepositing assets to boost yield and capital efficiency. Loopscale’s system includes automation, liquidation protection features, and a user-friendly interface that mitigates many perceived risks. This has made Loopscale’s vaults, known for their attractive yields and tokenized market integrations, a favorite among yield farmers seeking structured, lower-friction leverage.

Founded by a small but technically proficient team, including Mary Gooneratne and several early RateX contributors, Loopscale has established itself as a serious player in the Solana DeFi ecosystem. The platform’s recent growth has been driven by its adoption of RateX’s Principal Token (PT) markets. These tokens split a yield-bearing asset into principal and yield components, allowing users to trade, hedge, or lock in fixed returns more flexibly. In Loopscale’s case, PT tokens were used as collateral in the vaults, assuming their pricing would remain tightly aligned to predictable discounting curves.

On April 26, this predictable curve was disrupted. According to Loopscale, a malicious actor manipulated the pricing of RateX PT tokens within its vault system, making the tokens appear more valuable than they actually were. This manipulation allowed the attacker to take out a series of loans that were not fully backed by collateral, resulting in the withdrawal of $5.7 million USDC and 1,200 SOL from Loopscale’s vaults. The vulnerability was not in RateX itself but in how Loopscale’s contracts priced the RateX tokens.

RateX founder Sean Hu clarified that the incident was an oracleORCL-- attack, where the attacker manipulated the oracle price of collateral on Loopscale to borrow funds and drain the lending pool. RateX confirmed that its protocol itself has no security issues and that no RateX users suffered losses in this incident. RateX is also assisting Loopscale in tracking the hacker and recovering funds.

Upon detecting the exploit, Loopscale immediately halted all market functions to prevent further damage. This included disabling new loops, deposits, and withdrawals across the platform while the team worked to address the situation. Loopscale’s handling of the crisis was praised for its transparency and efficiency. The team issued a clear initial disclosure, re-enabled critical functions like loan repayments and loopLOOP-- closing the following day, and began coordinating with law enforcement and security professionals.

On April 28, Loopscale announced that it had successfully established contact with the attacker. The exploiter responded to an onchain message proposing a white hat resolution, agreeing to return a portion of the stolen funds in exchange for a bounty. While Loopscale initially offered a 10% reward, the exploiter countered with a 20% ask, citing frozen assets on crosschain bridges and offering to immediately return part of the stolen funds to prove good faith.

At the time of publication, negotiations remain ongoing. However, the initial signals are positive. A partial return of the stolen funds appears to have already occurred, and Loopscale is preparing a detailed post-mortem and structured plan for resuming vault withdrawals. The team has also promised users a clear roadmap for what recovery will look like. This incident highlights the ongoing challenges and risks in the DeFi space, but also the resilience and collaborative efforts within the community to address and mitigate such issues.