Twitter Facebook LinkedIn Flipboard 0 PeckShield has reported a hack on XCarnival Lab, an NFT lending protocol. The attack happened on June 26, and the hacker managed to drain ETH tokens from the protocol. However, according to PeckShield, the hacker made away with 3,087 Ether (ETH), worth around $3.8 million. XCarnival hit by a million-dollar exploit The exploit on the XCarnival NFT lending platform now joins the list of several exploits over the past few months. Moreover, the ongoing recession across the crypto space does not seem to be deterring hackers from targeting protocols. “The hack is made possible by allowing a withdrawn pledged NFT to be still used as the collateral, which is then exploited by the hacker to drain assets from the pool, PeckShield tweeted. PeckShield further said that 120 ETH stolen by the hacker had been laundered through TornadoCash. TornadoCash is a tool used by hackers to hide traces of token transfers from the protocol. XCarnival Lab has already confirmed this exploit on a Twitter post, saying, “Currently our smart contract has been suspended, all deposit and borrowing actions are temporarily not supported, please stay tuned, we will confirm the situation as soon as possible.” The protocol further said that it was willing to give the attacker a 1500 ETH bounty if they returned the stolen Ether. It also added that the hacker would be exempted from legal action if the funds were returned. A Twitter user said that the hacker had accepted the offer, and they had returned half of the stolen funds according to on-chain data. Exploits amid market crash The cryptocurrency market has been in turmoil over the past few months, with around $2 trillion being lost from the market since November last year. The decentralized finance sector has been the top target of hackers, and some of the best DeFi apps have not been spared from these attacks. Last week, the Horizon Bridge to the Harmony layer-1 blockchain suffered an exploit that led to a $100M loss worth of different altcoins. Exploits on multi-chain bridges have raised concern over their security, as several of these, such as the Wormhole bridge, have been exploited for hundreds of millions of dollars worth of crypto. Just like in the case of XCarnival lab, Harmony has also offered a $1M bounty for returning the stolen funds, adding that if they are returned, the protocol will not pursue criminal charges. Related Best NFT Marketplace – Where to Buy NFTs Best NFTs to Buy in 2022 – Top NFTs Reviewed How To Invest In NFT Tokens – Beginner’s Guide Next NFT to Blow Up - Lucky Block Our Rating #1 NFT Competitions Platform - luckyblock.com Daily NFT Jackpot Draws - Free Entry Lifetime Platinum Rollers Club Benefits Trending NFT in 2022 10,000 NFTs Minted - nftlaunchpad.com LBLOCK Token Listed on LBank, PancakeSwap Learn More Twitter Tweet Facebook Share Email This article was written for Business 2 Community by Ali Raza.Learn how to publish your content on B2C Author: Ali Raza Follow @ali_r1272 Ali is a professional journalist with experience in Web3 journalism and marketing. Ali holds a Master's degree in Finance and enjoys writing about cryptocurrencies and fintech. Ali’s work has been published on a number of leading cryptocurrency publications including Capital.com, CryptoSlate, Securities.io, Invezz.com, InsideBitcoins, BeinCrypto, and more. … View full profile ›More by this author:Crypto Exchange Traded Products – Check the Structure before You BuyCrypto-Friendly Bills in US Congress a Promising Sign for MarketsBinance Card Extends Support for AVAX, SHIB, and XRP