Ongoing Silo Finance Hack: What You Need to Know

Updated on 25 June 2025, 10:23PM SGT

Immediate Actions for Silo Finance Users

If you’re currently engaged with Silo Finance, whether as a depositor, borrower, or liquidity provider – consider taking the following steps to protect your assets:

1. Avoid New Transactions

Refrain from initiating new deposits, withdrawals, or loans on the Silo Finance platform until an official statement is released. Engaging with the protocol during an ongoing exploit could expose your assets to additional risk.

2. Revoke Token Approvals

Use tools like Revoke.cash to revoke any token approvals granted to Silo Finance contracts. This action can prevent unauthorized access to your tokens in case of a contract compromise.

Website: https://revoke.cash

3. Monitor Official Channels

Stay updated by following Silo Finance’s official communication platforms:

• Twitter: https://x.com/SiloFinance
• Discord: https://discord.gg/silo-finance
• Governance Forum: https://gov.silo.finance

These platforms will provide the most accurate and timely information regarding the incident.

4. Check for Wallet Drains

If you suspect unauthorized activity in your wallet, consult FailSafe’s guide for steps on how to respond effectively.

Resource: Wallet Drained? Now What?

What is the impact & remediation timeline?

Updates as of 26 June 2025, 09:21PM SGT

As of the latest statement from Silo Labs, the situation has been clarified and contained. According to the protocol’s team:

• No user funds were affected in the exploit. The attack only impacted SiloDAO’s test funds.
• UI routers have been unpaused, and the protocol is now fully operational.
• The exploit involved a peripheral contract related to an unreleased leverage feature that was deployed for testing.
• The attacker used the fillQuote function to call silo.borrow(), manipulating parameters to interact with a Silo Core Team test wallet.
• Core protocol contracts remain secure, and the issue was limited to this test environment.
• A full post-mortem is being prepared, and peripheral contracts are under review.

Source: https://x.com/SiloFinance/status/1937919050048512451

Updates as of 25 June 2025, 10:23PM

While specifics about the current exploit are not yet public, it’s important to be aware of past vulnerabilities that have affected Silo Finance:

• Interest Rate Manipulation: A previous vulnerability allowed attackers to manipulate interest rates by exploiting the utilization ratio calculation, leading to inflated collateral values and potential fund drains. Source: https://medium.com/certora/silo-finance-post-mortem-3b690fffeb08
• Oracle Price Feed Anomalies: Inaccurate price feeds have previously resulted in unintended liquidations, highlighting the importance of reliable data sources. Source: https://www.binance.com/en/square/post/867627858386

These historical issues underscore the necessity for robust security measures and prompt incident response.

How FailSafe Can Help

FailSafe offers comprehensive end-to-end security solutions, including:

• Pre-Deployment Audits: Thorough code reviews to identify and mitigate vulnerabilities before they can be exploited.
• Real-Time Monitoring: Continuous surveillance of smart contracts to detect and respond to threats promptly.
• Incident Response: Expert assistance in managing and recovering from security breaches.

Contact Us: https://eleoslabs.wpcomstaging.com/contact-us

Security Hotline (Only for urgent requests)

Stay Informed

We will update this post with more information as it becomes available. In the meantime, exercise caution and stay vigilant.

For further guidance on securing your digital assets, refer to:

Wallet Drained? Now What?