The decentralized lending protocol Loopscale, operating on the Solana blockchain, has temporarily halted all markets following a massive cyberattack that resulted in the theft of assets exceeding $5.8 million. According to co-founder Mary Gunaratne, the attacker gained access to a series of under-collateralized loans, allowing them to withdraw significant amounts of USDC and Solana from the protocol’s vaults.
This is reported by Business • Media
“The attacker obtained a series of under-collateralized loans, which enabled them to withdraw large volumes of USDC and Solana,” Gunaratne noted.
According to information released on April 26, 2025, as a result of manipulating the price functions of the RateX PT token of the Loopscale protocol, approximately 5.7 million USDC and 1,200 SOL were exported from the protocol’s vaults. Consequently, all trading operations on the platform were temporarily suspended to allow the team to conduct an investigation and prevent further losses.
Measures Taken and Current Status of the Protocol
After detecting the malicious activity, the Loopscale team resumed loan repayments and account top-ups; however, withdrawals from the vaults remain restricted. Project representatives stated that they are currently actively investigating the incident and taking measures to minimize losses for users. Experts estimate that the total losses amounted to about 12% of the protocol’s total value locked (TVL).
Launched on April 10, 2025, Loopscale offers an innovative lending model that connects lenders and borrowers directly, bypassing traditional liquidity pools. Among the financial instruments offered are structured loans and accounts receivable financing.
According to the platform OurNetwork, prior to the incident, the total value locked (TVL) of the protocol exceeded $40 million, with over 7,000 users. The primary vaults for USDC and Solana provided yields of approximately 5% and 10% annually, respectively, attracting investors to the project.
The Loopscale exploit contributed to the overall negative statistics for the first quarter of 2025. According to the analytical platform Hacken, over $2 billion was stolen from cryptocurrency exchanges and DeFi protocols during this period, with a significant portion attributed to the attack on the ByBit exchange.
It is worth noting that it was previously reported that the KiloEx platform returned funds after a hack involving $7.5 million.