Loopscale Suffers $5.8 Million Hack in First Two Weeks
Loopscale, a decentralized finance (DeFi) protocol on the Solana blockchain, experienced a severe security breach, losing $5.8 million just two weeks after its official launch. The hack, which occurred on April 26, 2025, impacted about 12% of Loopscale’s total value locked (TVL). This exploit highlights ongoing vulnerabilities in the DeFi space despite advancements in technology and security practices.
The Attack on Loopscale: A Detailed Look
The exploit targeted a specific market on Loopscale’s platform, built around the RateX-based collateral pricing mechanism. The root cause was a flaw in the pricing system for collateral backed by RateX tokens. The attacker took advantage of this vulnerability to withdraw over $5.7 million in USDC and 1,200 SOL tokens via undercollateralized loans, exploiting the pricing issue.
In response, Loopscale restricted certain features, including withdrawals, while investigating the breach and working to recover the stolen funds.
How Loopscale Handled the Exploit: Investigation and Recovery Efforts
Co-founder Mary Gooneratne assured the community that the team was working swiftly to investigate the breach and secure the platform. The protocol is collaborating with law enforcement and security experts to trace the hacker and recover the funds. Gooneratne also shared that the attacker had expressed willingness to return the funds in exchange for a reward, offering a possible negotiated resolution.
At the time of the attack, Loopscale had about $40 million in TVL, with over 7,000 active lenders. Despite a previous audit by OShield, which identified vulnerabilities, the protocol went live after addressing the issues. A second audit by Sec3 was underway during the attack.
Loopscale’s Unique Approach: A Solana-Based DeFi Protocol
Launched on April 10, 2025, Loopscale—previously known as Bridgesplit—raised $4.25 million in venture funding in 2021 from investors like Solana Labs and Coinbase Ventures. Unlike traditional pool-based lending protocols such as Aave or Solend, Loopscale operates on an order book-based model, offering more predictable lending terms and eliminating the volatility seen in variable-rate systems.
During its beta phase, Loopscale processed over $480 million in loans, offering innovative products like Atomic Markets and automated yield strategies via Yield Loops.
The Increasing Trend of DeFi Hacks in 2025
The Loopscale hack reflects a wider trend of increasing cyberattacks targeting DeFi protocols. Notable incidents in 2025 include Bybit’s $1.46 billion hack and a $7 million oracle exploit affecting KiloEX. As DeFi grows, so do the incentives for attackers to exploit vulnerabilities.
Although some platforms have enhanced their security measures, many DeFi protocols remain at risk. Experts argue that the decentralized nature of these platforms makes them more vulnerable to exploitation.
Can Loopscale Recover from the Hack?
Despite the substantial loss, Loopscale’s team remains optimistic about the protocol’s future. The platform is committed to improving its security measures and prioritizing user protection. The team is working on a comprehensive plan to restore functionality and regain trust. Loopscale will undergo additional audits and introduce more robust safeguards in the coming months.
Conclusion: A Lesson for DeFi Platforms
The Loopscale hack serves as a cautionary tale for DeFi platforms, emphasizing the ongoing risks despite the promise of decentralization and innovation. As the industry matures, platforms like Loopscale must balance innovation with security to ensure the long-term success of the DeFi ecosystem. The current focus remains on recovering stolen funds and implementing measures to prevent future breaches.
