Starstream Finance Was Hacked, About $8.2 Million Worth of Assets Lent Out in Agora DeFi

Agora DeFi officials tweeted that a hacker exploited Starstream Finance's distributor treasury contract vulnerability to mint $50 million $STARS and used those $STARS as collateral to borrow approximately $8.2 million worth of assets in Agora DeFi. It is reported that Starstream's new distributor treasury had a bug that allowed the hacker to drain treasury funds along with their blackhole vault. When the vault was drained, the hacker staked $STARS on Agora DeFi to borrow large amounts of funds. A portion of the borrowed funds was used to increase the price of $STARS in the market in order to borrow more funds, most of which was bridged off, with the rest was used to create $STARS LPs and sent to Tethys lock address. In addition, 20K $METIS was also sent to the Starstream treasury distributor. In total over 500M $STARS was supplied to Agora as collateral and $8.2M of assets were borrowed in $METIS, $USDC, and $ETH. The Agora team is currently seeking remedies to return 20K $METIS to Agora and suspend $STARS as collateral.