A hacker drained approximately $455,000 from noncustodial decentralized finance (DeFi) protocol Arcadia Finance by exploiting a code vulnerability.
Blockchain investigator PeckShield alerted about the hack on Arcadia Finance, highlighting the cause as “the lack of untrusted input validation.” The code supposedly lacked a validation mechanism to cross-check unverified inputs. This loophole allowed the hacker to drain funds worth roughly $455,000 from Ethereum (darcWETH) and Optimism (darcUSDC) vaults.