
The attacker withdrew more than $2 million worth of digital assets from the 0VIX DeFi protocol, allegedly as a result of a flash loan attack.
#CertiKSkynetAlert 🚨
We are currently investigating a #flashloan exploit on 0VIX.
It appears an attacker exploited the protocol via flash loan for ~$2million.
More details to follow pic.twitter.com/XVgb6EZ5oB
— CertiKAlert (@CertiKAlert) April 28, 2023
According to on-chain datathe hacker’s prey was:
Unknown translated assets from the Polygon network to Ethereum through the Stargate Finance cross-chain bridge and converted to ETH.
The 0VIX team confirmed the incident without details and suspended the markets on Polygon and zkEVM. The latter were not affected by the attack and the actions became a precautionary measure.
0VIX is working with its security partners to look into the current situation that seems to be related to vGHST.
As a result, POS and zkEVM markets have been paused this includes pausing oToken transfers, minting, and liquidations.
Only POS has been currently affected but zkEVM…
— 0VIX | live on zkEVM (@0vixProtocol) April 28, 2023
According to the developers, the attack vector is associated with GHST.
đź”– The root cause is of the exploit is a vulnerable $vGHST Oracle, which allowed the attacker to manipulate the price
— Hacken🇺🇦 (@hackenclub) April 28, 2023
“The main cause of the exploit was a vulnerable GHST oracle, which allowed the attacker to manipulate the price,” Hacken experts confirmed their conclusions.
Against the background of the attack, the amount of funds blocked in 0VIX fell from $6.42 million to $1.78, according to DeFi Llama.

Recall that on April 26, the Merlin decentralized exchange based on zkSync lost about $2 million as a result of the attack. The project team said that the incident was not an exploit, but the fraudulent actions of a group of technical specialists.
Found a mistake in the text? Select it and press CTRL+ENTER
Cryplogger Newsletters: Keep your finger on the pulse of the bitcoin industry!