Decentralized finance (DeFi) protocol Deus Finance has lost over $6 million due to a security breach on its stablecoin DEI. The hacker exploited a vulnerability in BNB Smart Chain (BSC) on May 5, according to blockchain security firm PeckShield. 

A bot initiated the hack on BSC, which led to a more than $1.3 million loss. The attacker also targeted the Arbitrum network, with ARB/ETH deployments losing over $5 million. Twitter users claimed the token contract had a basic implementation error as the root cause.

The protocol confirmed the attack, paused all contracts and burned DEI tokens to prevent further damage. “We are currently in the process of comprehending the actual backing of DEI tokens,” said the Deus team on Twitter, adding that a “comprehensive recovery and redemption plan” will be created after a full analysis of the balances and snapshots.

Related: Darknet hackers are selling crypto accounts for as low as $30 a pop

DEI is used as a collateral mechanism for third-party instruments built on the Fantom protocol. Its price dropped 30% over the past 24 hours, data from CoinMarketCap shows. The stablecoin is trading at $0.20 at the time of writing, losing its $0.30 peg. Last year, the stablecoin also lost its $1 peg after the Terra collapse.

It is not the first time that Deus Finance has been hacked. The protocol was exploited in March 2022 in a flash-loan attack, resulting in over $3 million in losses in Dai (DAI) and Ether (ETH). At the time, PeckShield revealed the exploiters funneled the stolen funds using the crypto mixer Tornado Cash.

Deus Finance is a decentralized marketplace allowing digital assets and non-digital assets, such as commodities, to be traded on the Ethereum blockchain.

Magazine: 4 out of 10 NFT sales are fake: Learn to spot the signs of wash trading