lending

Glori Finance was an alleged DeFi lending protocol deployed on the Arbitrum network in early 2024, operating as a Compound V2 fork with approximately $1.4 million in total value locked (TVL) at the time of its exposure. On April 14, 2024, blockchain investigator ZachXBT identified that the top GLORI token holders had seeded liquidity using funds stolen from prior scams — specifically the Crolend, Hash DAO, and HellHoundFi frauds — linking Glori Finance to a serial scam ring responsible for over $20 million in cumulative losses. Following ZachXBT's public disclosure, the Glori Finance X account was deactivated and the protocol's website went offline, consistent with an exit scam.

Tapioca DAO is an omnichain DeFi money market built on LayerZero, offering a CDP stablecoin (USDO) and isolated lending markets (Singularity/Big Bang) across Arbitrum and BNB Chain. On October 18, 2024, the protocol suffered a critical security breach when a team member was targeted by a social engineering attack attributed to North Korea's Contagious Interview campaign, resulting in private key compromise, drainage of TAP token vesting contracts, and the minting of 5 quintillion USDO. Approximately $4.4–4.7 million was stolen before a partial counter-exploit recovered roughly 996 ETH (~$2.7 million), leaving the protocol treasury down approximately 45% and the TAP token price collapsed over 95%.

Compound Finance is an Ethereum-based decentralized lending protocol founded in 2017 by Robert Leshner and Geoffrey Hayes that allows users to lend and borrow cryptocurrencies algorithmically. The protocol has been subject to multiple significant security and governance incidents, including a 2021 smart contract bug that placed up to ~280,000 COMP tokens (approximately $80–90 million) at risk, a 2024 alleged governance takeover by a whale known as 'Humpy,' and a July 2024 front-end DNS hijacking attack tied to the Squarespace registrar migration. Despite these incidents, the core smart contract protocol has not been exploited; the recurring issues have primarily affected token distribution, governance integrity, and front-end infrastructure.