Loading prices...
CryptoPulse.media
All news
Google Shares as DeFi Collateral: Hacker Inflated the Pledge 78x and Drained $403,000
Breaking News

Google Shares as DeFi Collateral: Hacker Inflated the Pledge 78x and Drained $403,000

July 3, 2026
9

The Edel Finance DeFi lending protocol fell victim to a rare attack: an exploiter inflated the value of tokenized Google shares by 7,700% — to 78 times their real price — then borrowed real assets worth $403,000 against that phantom collateral. The funds were immediately routed through Tornado Cash, CoinDesk reports.

What GOOGLx is and how the system worked

Edel Finance is a platform that accepts tokenized equities as collateral. GOOGLx is a token tracking the price of Alphabet/Google stock on the blockchain. wGOOGLx is a wrapped version of the same token used directly inside the lending protocol. By design, the wGOOGLx-to-GOOGLx exchange rate should be 1:1 — the wrapped form simply packages the base asset without changing its value.

The attack mechanism: five steps

The attacker deployed freshly created exploit contracts and used a flash loan to temporarily control liquidity. They then manipulated the protocol's conversion mechanism so that wGOOGLx was valued at 78 times the price of GOOGLx. Using this fictitious collateral, they borrowed real assets from the protocol's reserves, then transferred the stolen funds to wallet `0x584...11C76` and immediately routed them through Tornado Cash — the sanctioned mixer routinely used to obscure the origin of stolen funds, CryptoTimes reports.

The flaw was not in the oracle — it was in the wrapping logic

This is key: Chainlink's price oracle functioned correctly and reported the real Alphabet share price at around $357. The problem lay deeper — in the smart contract logic governing the conversion between GOOGLx and wGOOGLx. The attacker did not fool the oracle — they bypassed it by directly manipulating the wrapping mechanism. By OWASP classification this is a price manipulation attack — the second most common vulnerability class in DeFi protocols, LiveBitcoinNews explains.

"The vulnerability was not in the price feeds — Chainlink reported the correct price — but in the conversion mechanism between token forms" — CoinDesk.

Edel Finance's response

The team immediately paused v1 contracts and confirmed it will absorb all losses — depositors will be made whole. A v2 redesign with an overhauled wrapping architecture is in deployment. A white-hat settlement offer was sent to the attacker: return the funds in exchange for a bounty and immunity from prosecution. Transactions are being traced in coordination with exchanges.

What this means for tokenized assets

The Edel Finance exploit exposes a systemic risk that grows as traditional assets — stocks, bonds, real estate — migrate onto the blockchain. Tokenization creates new attack surfaces: if a wrapped token and its underlying asset can diverge in price through manipulation of the conversion mechanism, any protocol accepting such tokens as collateral is potentially vulnerable — even with perfectly functioning oracles.

This article is for informational purposes only and does not constitute investment advice.

 Jonathan

Author

Jonathan

Editor

I love writing about cryptocurrency, am interested in general trends, and try to reflect this in my materials.

Comments (0)

No comments yet — be the first!