Ethereum’s Term Finance Negotiates Partial Recovery After $1.6M Lost to Oracle Error

Ethereum-based fixed-rate lending platform Term Finance, reported recovering $1 million of the $1.6 million lost due to faulty liquidations in its Treehouse (tETH) market, caused by a misconfigured oracle.

The issue was first flagged by blockchain security firm TenArmorAlert, which identified two suspicious transactions linked to Term Labs.

Further investigation revealed that a faulty update to the tETH oracle was at the root of the problem.

The update introduced incorrect price data for Ethereum, triggering automatic liquidations of approximately $1.6 million worth of positions.

Term Finance clarified that the incident was not a hack, nor did it involve the exploitation of smart contracts or direct attacks on users.

Instead, the issue stemmed from a technical bug in the configuration of the new oracle.

Despite initial concerns from security analysts regarding the unusual liquidations, Term confirmed that no user funds were directly targeted in the process.

Although the platform successfully recovered part of the funds, the details surrounding negotiations for the return of the remaining funds remain unclear, as Term Finance has not yet provided additional comments.

This episode highlights the critical importance of accurate oracle feeds within the DeFi ecosystem.

Even minor errors in price data can lead to significant disruptions, underscoring the risks of relying on external oracles to drive smart contract functionality.

Term Finance to Conduct Thorough Review

Term Finance quickly mobilised to recover the 918 ETH lost due to the faulty oracle incident.

The platform successfully reclaimed 556 ETH, with 223.197 ETH (valued at around $400,000) seized internally by the team.

Another 333 ETH, worth approximately $600,000, was returned following what Term referred to as “negotiations.”

However, details surrounding these negotiations—such as the parties involved and the terms of the agreement—remain undisclosed.

With the recovered assets, the remaining loss stands at 362.03 ETH, or roughly $650,000 at current market prices.

While this is a significant improvement, it still poses a challenge for Term Finance and its community.

The company only addressed the recovery efforts after media attention brought the issue to light.

Term Finance has since committed to a comprehensive review of its oracle integration process to prevent similar incidents in the future.

Additionally, the platform hinted that affected users may be eligible for further compensation, although no formal decision has been made yet.

Hacks, Bugs, and Exploits Plague DeFi

The oracle error at Term Finance is just one in a growing list of recent DeFi breaches, which include a $5.8 million exploit on the Solana-based platform Loopscale.

Meanwhile, crypto exchange Bitget reported a $20 million loss after an organised group targeted a market for a lesser-known cryptocurrency last Sunday.

The exchange has vowed to take legal action against the eight accounts suspected of being responsible.

The recoveries from these crypto incidents are often mixed.

For instance, Ben Zhou, CEO of Bybit, which suffered a staggering $1.4 billion loss in the largest attack of the year on 21 February, revealed that nearly 28% of the stolen funds have been laundered and are now untraceable, moving through mixers, peer-to-peer platforms, and over-the-counter markets.

Only 3.84% of the stolen assets were frozen, marking a rare success in a landscape where many victims are left with little recourse.

These incidents underscore a critical vulnerability in the DeFi sector—its lack of robust security and risk management practices.

As the DeFi ecosystem expands, so too do the risks, and some projects may soon find themselves regretting their underinvestment in safeguarding against technical failures and security breaches.