Tether's Blacklist Controls Freeze $3.29 Million of Rhea Finance Exploit

Users of Rhea Finance cannot withdraw their assets. The protocol halted withdrawals to contain damage after an attacker extracted $7.6 million in USDC, USDT, Zcash, and NEAR. The exploit occurred when an attacker deployed fake token contracts and created fresh liquidity pools to distort price feeds. This distorted feed misled the oracle and validation layer into validating fraudulent transactions. Rhea Finance is the protocol's primary DEX and lending layer on the NEAR Protocol, which previously held over 95% of the network's DeFi total value locked. Tether used administrative controls embedded in the USDT smart contract to blacklist same the attacker's wallet addresses and freeze $3.29 million in USDT. $4.31 million remains unrecovered. 95% of NEAR DeFi users have their assets frozen in the protocol.