Decentralized finance protocol Rho Markets is back online after a misconfigured Oracle issue last week, which led to an MEV bot scooping up $7.6 million in stablecoins from the protocol.
On July 21, the Scroll-based liquidity layer and lending protocol stated that it had just completed the simulation of repaying all remaining funds to the affected pools.
Another message on X quickly followed, reporting that the protocol was back online and funds had been successfully allocated.
Rho Markets was manipulated on July 19, leading to a loss of $7.6 million worth of stablecoins USDC and USDT.
The entity behind the bot posted a message onchain to the team on July 19 stating that its MEV (maximal extractable value) bot profited from a price oracle misconfiguration.
“We understand that the funds belong to users and are willing to fully return [them],” it stated, before adding a condition.
“But first, we would like you to admit that it was not an exploit or a hack but a misconfiguration on your end.”
The entity asked the Rho Markets team to provide details of measures taken to mitigate further incidents.
On July 22, the team thanked the community and users for their support and pledged tighter security measures.
“We will introduce more third-party partners to enhance security measures, including on-chain data monitoring and smart contract audits,” it stated before adding that it will also “strengthen internal security measures such as multiple internal reviews and rigorous simulation environment testing.”
It has also assured users that no funds were lost.
Cointelegraph reached out to Rho Markets for further details but did not receive an immediate response.
Rho Markets total value locked tanked 54% around the time of the misconfiguration, falling from $51 million to $23.4 million, according to DefiLlama. It has yet to recover and remains at $24.6 million at the time of writing.
Last week was the second most lucrative week for crypto hackers in terms of stolen funds. On July 18, crypto exchange WazirX was hacked for over $230 million and the Li.Fi protocol was exploited for $10 million on July 16.