PANews reported on April 18 that Rhea Finance issued an update regarding a security incident, stating that its lending market suffered an unauthorized attack on April 16, compromising its leveraged trading functionality. Attackers exploited a potential vulnerability in the slippage protection mechanism to steal approximately $18.4 million in assets from the protocol's reserve pool, resulting in actual losses within the protocol, affecting reserve balances and participating users.

The attackers have deposited approximately 3.359 million USDC and 1.564 million NEAR back into the RHEA lending contract, while freezing 4.34 million USDT (of which 3.291 million USDT is frozen by Tether in the attacker's wallet and 1.053 million USDT is frozen in the NEAR Intent). Meanwhile, to ensure the safety of the funds, the lending contract has been frozen, and recovery efforts are ongoing. The team is actively attempting to contact the attackers to recover the remaining affected assets. Furthermore, the team has formally initiated a tracing process with centralized exchanges to identify the account holders.

Previously, it was reported that RheaFinance was attacked by fake token contracts, resulting in the theft of approximately $7.6 million .