DeFiTuna, a decentralized finance protocol built on Solana, disclosed that an attacker drained $580,000 from its lending pools on July 16. The exploit left a matching deficit in the platform’s USDC lending pool.
The team says it quickly identified and mitigated the attack vector. Recovery efforts and a deeper investigation into the exploit are underway, though the protocol has not yet detailed how, or whether, affected users will be made whole.
What happened and what we know so far
DeFiTuna operates as an automated market maker with native lending features, concentrated liquidity, and support for leveraged positions. Users deposit assets into pools, other users borrow against them, and everyone earns yield based on how much of the pool is being utilized.
The attacker extracted $580K from those pools, specifically impacting the USDC side of the ledger. That created an immediate deficit, meaning the pool’s liabilities now exceed its assets by that amount.
DeFiTuna confirmed that the exploit pathway has been closed. What remains unclear is the precise mechanism of the exploit. The team hasn’t elaborated publicly, which is understandable during an active investigation.
User reactions on social media centered on two questions: will depositors absorb the loss, and why wasn’t this caught during audits? Both remain unanswered.
DeFiTuna’s background and the trust question
DeFiTuna’s feature set combines AMM functionality with lending and leveraged trading. The protocol’s native token, $TUNA, is used for staking and revenue sharing, giving holders a claim on ecosystem fees. The lending pools offer variable APY based on utilization rates.
Back in February 2025, the protocol returned investments it had received from Kelsier Ventures following a scandal involving that firm.
What this means for DeFi investors
For DeFiTuna depositors, the immediate concern is whether the USDC pool deficit will be covered. There are a few ways this typically plays out: the protocol can use treasury funds to backstop the loss, socialize the deficit across all depositors, or attempt to recover funds from the attacker.
The team’s next public communication will be critical. Investors will be watching for a detailed post-mortem explaining exactly what went wrong, a concrete plan for addressing the USDC deficit, and evidence that the remaining contracts have been re-audited or formally verified.
Disclosure: This article was edited by Editorial Team. For more information on how we create and review content, see our Editorial Policy.

2 hours ago
14









English (US) ·