$18.4M Exploit Hits Rhea Finance's DeFi Protocol Amid Fake Token Manipulation

$18.4M Exploit Hits Rhea Finance's DeFi Protocol Amid Fake Token Manipulation

First seen 17 Apr 2026, 02:59 UTC PanewslabBitgetTheblock.CoMexc 80% similarity 66.0

Article Content

Browse articles
ThreatCluster

Rhea Finance experienced a significant exploit on April 16, 2026, resulting in losses estimated at $18.4 million, more than double initial estimates of $7.6 million. The attack targeted the protocol's margin trading feature, where the attacker utilized a deliberately constructed swap route to create fake token pools. This manipulation allowed the attacker to funnel borrowed debt tokens into these pools, leading to undercollateralized positions and subsequent liquidations. The Rhea Lend smart contract was directly affected, while the Rhea DEX contract remained secure but was paused as a precaution. Recovery efforts are ongoing, with some funds already returned or frozen, including approximately $3.5 million in USDC and NEAR. The protocol is working with exchanges and law enforcement to trace the remaining stolen assets. A full incident analysis report is expected to be released soon.

Key Points: • Rhea Finance lost approximately $18.4 million due to a sophisticated exploit. • Attackers manipulated liquidity pools using fake token contracts to trigger liquidations. • Ongoing recovery efforts have led to some funds being returned or frozen.

ThreatCluster AI

Timeline

2026-04-16
Rhea Finance exploit occurs, initial losses estimated at $7.6 million.
2026-04-17
Rhea Finance updates losses to $18.4 million in post-mortem report.
2026-04-17
Rhea Finance pauses affected contracts and begins recovery efforts.

Community

Browse all →