Skip to content
Active Currencies: 17,408
Market Cap: $2.227T
Bitcoin Dominance: 56.17%
24h Market Cap Change: $-2.77

Rhea Finance hit by $7.6M exploit as attacker manipulates liquidity pools

CertiK flags a $7.6M exploit on Rhea Finance as attackers use fake tokens to mislead oracle systems.

Written by Written by Adewale Olarinde
Reviewed by Reviewed by Jibin Mathew George
Updated April 16, 2026
Rhea Finance hit by $7.6M exploit as attacker manipulates liquidity pools

Rhea Finance has been hit by a suspected exploit, with blockchain security firm CertiK reporting that at least $7.6 million has been extracted from the protocol.

The incident was flagged on 16 April, with early findings suggesting the attacker manipulated liquidity pools using fake token contracts. At the time of writing, the Rhea Finance team has not issued a public response.

Exploit linked to fake tokens and oracle manipulation

According to CertiK, the attacker created fraudulent token contracts and added liquidity to newly formed pools. This activity likely misled the protocol’s oracle and validation mechanisms, allowing the attacker to extract funds.

Certik on Rhea Finance
Source: X

Such attacks typically rely on distorting price feeds or liquidity signals. This enables attackers to exploit discrepancies between perceived and actual asset values within the protocol.

While full technical details have yet to be confirmed, the reported method points to a form of oracle manipulation, a recurring vulnerability in decentralized finance systems.

On-chain impact and platform exposure

CertiK estimates that approximately $7.6 million has been drained so far, though the figure may change as more data emerges.

Data from DefiLlama shows Rhea Finance currently holds around $128 million in total value locked [TVL], suggesting the exploit represents a notable portion of platform liquidity.

Rhea Finance TVL
Source: DefiLlama

The movement of funds has been tracked on-chain, with the attacker routing assets through multiple addresses, a common tactic used to obscure transaction trails following exploits.

Team yet to respond as investigation continues

Rhea Finance has not commented publicly on the incident, leaving details around the exploit, potential containment measures, and recovery efforts unclear.

The lack of immediate communication places the focus on third-party tracking and on-chain analysis as the situation develops.

The exploit adds to a growing list of attacks targeting DeFi protocols through manipulation of liquidity and pricing mechanisms. Also, it highlights persistent risks in systems reliant on external data inputs.

Final Summary

  • Rhea Finance has reportedly suffered a $7.6 million exploit, with attackers using fake tokens and liquidity pools to manipulate oracle mechanisms.
  • With the team yet to respond, the full scope of the attack and potential recovery efforts remain unclear as investigations continue.

 

Disclaimer: AMBCrypto's content is meant to be informational in nature and should not be interpreted as investment advice. Trading, buying or selling cryptocurrencies should be considered a high-risk investment and every reader is advised to do their own research before making any decisions.

Adewale Olarinde

Journalist

Adewale Olarinde is a crypto journalist and data-driven storyteller with a Master’s degree in International Relations. He covers digital assets, markets, and policy with a focus on clarity and context. Outside of work, he’s a lifelong Manchester United supporter and a big music lover.

Related Articles

AMBCrypto
Facebook X Instagram Youtube Linkedin

AMBCrypto was founded in 2018 with a mission to simplify and bring the latest blockchain and cryptocurrency news to our readers. We have quickly grown into the digital news source for an emerging generation of cryptocurrency enthusiasts, reaching more than a million readers on a monthly basis, across the globe.