Loopscale DeFi Protocol Hit with $5.8 Million Exploit
Loopscale, a decentralized finance (DeFi) protocol built on the Solana blockchain, was hit with a significant exploit, resulting in the loss of $5.8 million just two weeks after its official launch. The hack took place on April 26, 2025, and it affected approximately 12% of Loopscale’s total value locked (TVL). This incident is one of the latest security breaches to impact the DeFi ecosystem in 2025, highlighting the vulnerabilities that still persist in the space despite advancements in technology and security measures.
What Happened: The Attack on Loopscale
The exploit targeted a specific market within Loopscale’s platform, which was based on the RateX-based collateral pricing mechanism. According to a statement from the protocol, the root cause of the exploit was an isolated issue in the pricing mechanism of collateral backed by RateX tokens. The attacker exploited this flaw to withdraw significant amounts of assets from the platform, including over $5.7 million in USDC and 1,200 SOL tokens. The hack occurred via undercollateralized loans, taking advantage of the pricing issue within the system.
In response to the attack, Loopscale temporarily restricted certain features of the platform, including withdrawals, while they investigated the situation and worked on recovering the lost funds.
How Loopscale Responded: Investigation and Recovery Efforts
Following the attack, Loopscale co-founder Mary Gooneratne assured the community that the team was fully mobilized to investigate the breach and secure the platform. The protocol also confirmed that it is cooperating with law enforcement agencies and security experts to trace the perpetrator and recover the stolen funds. In an update shared on social media, Gooneratne stated that the attacker had expressed a willingness to return the stolen funds in exchange for a reward, opening the possibility for a negotiated resolution.
At the time of the hack, Loopscale had approximately $40 million in TVL, with products like Creditbook and Yield Loops attracting more than 7,000 active lenders. Loopscale had previously undergone an audit by OShield, which identified critical vulnerabilities in the system. However, these issues were reportedly addressed before the protocol went live. Additional audits by Sec3 were also in progress at the time of the attack.
Background on Loopscale: A Unique Solana DeFi Protocol
Loopscale, launched on April 10, 2025, was initially known as Bridgesplit before rebranding. The protocol raised $4.25 million in venture capital funding in 2021 from prominent investors like Solana Labs, Coinbase Ventures, and others. Unlike traditional pool-based lending protocols such as Aave or Solend, Loopscale operates on an order book-based lending model, allowing for more predictable lending terms and eliminating the volatility commonly associated with variable-rate lending platforms.
This model attracted users due to its transparency and stability in terms of interest rates. During its beta phase, Loopscale processed over $480 million in loans and offered innovative products like Atomic Markets and automated yield strategies via Yield Loops.
The DeFi Hack Trend in 2025: More Exploits on the Horizon
The Loopscale hack is part of a broader trend of increasing cyberattacks on DeFi protocols in 2025. The crypto space has seen a rise in security breaches, with notable incidents such as Bybit’s $1.46 billion hack in February and a $7 million oracle exploit affecting KiloEX. As the DeFi space grows, so do the incentives for malicious actors to exploit vulnerabilities.
While some DeFi platforms have made significant strides in improving security, others remain at risk of similar attacks. Experts argue that while decentralized platforms offer many advantages, their decentralized nature and the absence of a central authority make them more susceptible to exploits.
Loopscale’s Future: Will the Platform Recover from the Hack?
Despite the significant loss and the ongoing investigation, Loopscale’s team remains optimistic about the platform’s future. The protocol has assured its users that it will continue to enhance security measures and that user protection remains a top priority. The team is working on a long-term plan to restore the platform’s functionality and regain user trust.
In the coming months, Loopscale will likely undergo further audits and implement more robust safeguards to prevent future exploits. While the DeFi market continues to grow, incidents like these highlight the importance of ongoing security assessments and the need for users to be cautious when participating in decentralized financial platforms.
Conclusion: A Cautionary Tale for DeFi Platforms
The Loopscale hack serves as a stark reminder of the risks associated with DeFi platforms. Despite the promise of decentralization and innovation, vulnerabilities still exist, and malicious actors continue to target these platforms. As the industry matures, protocols like Loopscale will need to strike a balance between innovation and security to ensure the long-term viability of the DeFi ecosystem. For now, the focus remains on recovering the stolen funds and preventing similar incidents from happening in the future.
