en

Tokenized Google stock inflated 7,700% in rare DeFi lending exploit

image
rubric logo DeFi
like fud 3

Tokenized equities trading platform Edel Finance paused its lending protocol on Tuesday after an attacker exploited how it priced a tokenized stock, borrowing against collateral inflated to roughly 78 times its true value and leaving about $403,000 in bad debt, the team said.

An Update from the Edel Team

Earlier today, Edel identified and contained an exploit affecting Edel Lending.

The exploit involved manipulation of the wrapped xStocks exchange rate between wGOOGLx and GOOGLx, causing wGOOGLx collateral to be valued at approximately 78x its…

— Edel Finance (@edeldotfinance) July 1, 2026

The target was a tokenized version of Alphabet's Google stock. Edel Lending accepted wGOOGLx, a wrapped form of the tokenized share GOOGLx, as collateral.

A wrapped token is a version of an asset repackaged to work inside a particular protocol, and it is meant to track the underlying asset one for one. The attacker manipulated the exchange rate between the two so that wGOOGLx was valued at about 78 times what it should have been, then used that phantom collateral to borrow real assets from the protocol.

The pricing itself was not the weak point. Edel said it used Chainlink oracles, the standard third-party services that feed real-world prices onto a blockchain, and those were reporting the correct Google share price of around $357.

The flaw was in the wrapping mechanism. The attacker interfered with how GOOGLx converted to and from wGOOGLx, so the collateral was mispriced even though the underlying price feed was accurate.

Edel said it detected and contained the exploit, then paused all of its version-one contracts, which remain frozen, and warned users not to interact with them.

The team added it had traced the attacker's transactions and is coordinating with exchanges, and that it has offered the attacker a whitehat settlement, a deal that lets a hacker return most of the funds in exchange for a fee and no legal pursuit, within a set window.

No depositor will take a loss, Edel noted, with the team absorbing the bad debt and restoring balances one for one. It is deploying a version two with a redesigned pricing setup meant to block this kind of manipulation, and promised a full technical breakdown to follow.

While the amount is small, the method sits in one of DeFi's most persistent categories of exploit.

Manipulating the price a protocol reads, rather than breaking into it, ranks as the second most common smart-contract vulnerability in the OWASP Smart Contract Top 10 vulnerabilities for 2025, and security researchers at CertiK describe oracle price manipulation as one of the field's most common attack vectors.

Alongside cross-chain bridges, which produced the year's largest single thefts, including the $292 million drained from Kelp DAO in April, price manipulation is where much of the money keeps going, and in most of these, the code works as written.