1. BITBILIHome
  2. Article

Curve Finance hacker returns part of stolen funds

40 views

TL;DR Breakdown

  • Curve Finance lost $24 million in a DeFi exploit.
  • The hacker returned $5.4 million of the stolen funds.
  • Curve’s total value locked (TVL) dropped 43% after the incident.

Description

On July 30, Curve Finance, a prominent stablecoin lending protocol, experienced a significant exploit on several stable pools. The exploit was traced back to vulnerabilities in specific versions of the Vyper compiler, a smart contract programming language for the Ethereum Virtual Machine (EVM), Cryptopolitan reported. However, the affected versions were 0.2.15, 0.2.16, and 0.3.0. The … Read more

On July 30, Curve Finance, a prominent stablecoin lending protocol, experienced a significant exploit on several stable pools. The exploit was traced back to vulnerabilities in specific versions of the Vyper compiler, a smart contract programming language for the Ethereum Virtual Machine (EVM), Cryptopolitan reported.

However, the affected versions were 0.2.15, 0.2.16, and 0.3.0. The exploit mechanism, known as “malfunctioning reentrancy locks,” allowed the attacker to bypass the intended safeguards and drain funds from the targeted contracts.

According to Curve Finance CEO Michael Egorov in a Telegram channel, the swap pool has been drained of 32 million CRV tokens, which are worth over $22 million. However, experts estimate that the total loss could be more than $40 million.

Impact on DeFi ecosystem and Curve Finance

The exploit significantly impacted the DeFi ecosystem, with several projects reporting substantial financial losses. These include decentralized exchange Ellipsis, Alchemix’s alETH-ETH pool, JPEGd’s pETH-ETH pool, and Metronome’s sETH-ETH pool. The total losses were estimated to be upwards of $24 million. The incident triggered a wave of panic across the DeFi ecosystem, prompting a flurry of transactions across various pools. In response to the news, Curve Finance’s native token, CRV, experienced a decline of over 5%.

Hacker returns some funds, and future measures

In a surprising turn, the exploiter returned some of the stolen funds to the protocol. PeckShield, a blockchain security company, reported that the Curve exploiter had returned 2,879 ETH, worth around $5.4 million, to the protocol deployer address. The incident underscores the importance of robust security measures in DeFi protocols. As the investigation progresses and more updates unfold concerning the hack,  developers are expected to work closely with the Vyper team to address the vulnerabilities and prevent future exploits.

It is important to know that this is not the first time Curve Finance has been a target of attack. Its Conic Finance omnipool was exploited last week, resulting in a loss of $3.6 million in Ethereum due to a reentrancy attack.

Additionally, Curve Finance’s total value locked has decreased by 43% since the exploit, dropping from $3.26 billion to $1.87 billion, as reported by DeFiLlama. At the time of press, the CRV token is down by 12%, and trading at $0.645336.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

文章来源于互联网:Curve Finance hacker returns part of stolen funds

Disclaimers:

1. You are solely responsible for your investment decisions and this info is not liable for any losses you may incur.

2. The copyright of this article belongs to the writer, it represents the writer's opinions only, not represents the site's ones. Not financial advice.

Previous 2023年7月31日 20:01
Next 2023年7月31日 21:00

Related articles

  • Avalanche price analysis: AVAX price reverses to $14, hitting a four-month low

    TL;DR Breakdown Avalanche price analysis is bearish today. The resistance for cryptocurrency is found at $14.7. The support for AVAX is present at $13.7. The latest Avalanche price analysis reveals bearish results for the day, with the price suffering yet another loss. Continuing the downtrend that initiated on May 24, 2023, the price has now decreased by $14. The short-term trend line slopes downwards, indicating the prevailing influence of bears. As the price continues its downward trajectory, it has now reached its lowest point in the past four months. AVAX/USD 1-day price chart: AVAX price takes a bearish slide, dropping to $14 in value Today, the 1-day Avalanche price analysis chart continues its bearish movement, following a prolonged period of losses. The AVAX/USD price has now reached its lowest point in the past four months, plummeting to $14. The last time the coin was at this price level was on January 11, 2023, when it experienced a sudden spike. However, today it has declined after remaining above this level for over four months. Over the last 24 hours, the coin…

    Article 2023年5月28日

  • Curve Finance pools hit hard as Vyper exploit leads to losses of $24M

    TL;DR Breakdown Several stable pools on Curve Finance, along with other decentralized finance (DeFi) projects, fell victim to a devastating exploit on July 30, causing losses amounting to $24 million. DeFi projects, including decentralized exchange Ellipsis, Alchemix’s alETH-ETH pool, JPEGd’s pETH-ETH pool, and Metronome’s sETH-ETH pool, suffered substantial financial losses.  Description In a shocking turn of events, several stable pools on Curve Finance, along with other decentralized finance (DeFi) projects, fell victim to a devastating exploit on July 30, causing losses amounting to $24 million at the time of reporting. The exploit was traced back to vulnerabilities in specific versions of the Vyper compiler, with versions … Read more In a shocking turn of events, several stable pools on Curve Finance, along with other decentralized finance (DeFi) projects, fell victim to a devastating exploit on July 30, causing losses amounting to $24 million at the time of reporting. The exploit was traced back to vulnerabilities in specific versions of the Vyper compiler, with versions 0.2.15, 0.2.16, and 0.3.0 being identified as the culprits. PSA: Vyper versions 0.2.15, 0.2.16 and 0.3.0…

    Article 2023年7月31日

  • Bad news for Ripple as Judge grants SEC request to file a motion

    TL;DR Breakdown The SEC can now file a motion against Ripple Labs’ ruling by August 18th, while Ripple Labs has until September 1st to submit its counterarguments. Brad Garlinghouse and Chris Larsen have vehemently opposed the appeal as it would suffer the crypto community setbacks. XRP’s price tanks as uncertainty creeps back to the crypto community over SEC’s hand on decentralized finance entities. Description The United States Securities and Exchange Commission (SEC) has been granted permission to file a motion for leave to file an interlocutory appeal in its case against Ripple Labs. The securities regulator informed Torres in a letter dated August 9 that her decision could impact multiple pending court cases. This decision, however, is not the … Read more The United States Securities and Exchange Commission (SEC) has been granted permission to file a motion for leave to file an interlocutory appeal in its case against Ripple Labs. The securities regulator informed Torres in a letter dated August 9 that her decision could impact multiple pending court cases. This decision, however, is not the judge’s official stance…

    Article 2023年8月18日

  • Animoca Brands reveals plan to launch its Bitcoin-based token

    TL;DR Breakdown Animoca Brands has announced plans to launch its metaverse token based on the Bitcoin blockchain. Bitcoin’s expanding roles in the digital realm. Description In a significant development within the crypto gaming and metaverse investment space, Animoca Brands, a prominent player in this arena, has revealed plans through its subsidiary, Darewise Entertainment (also known as Life Beyond Studios), to launch an innovative metaverse ecosystem token on the Bitcoin network using the Ordinals protocol. Darewise Entertainment, a subsidiary of Animoca … Read more In a significant development within the crypto gaming and metaverse investment space, Animoca Brands, a prominent player in this arena, has revealed plans through its subsidiary, Darewise Entertainment (also known as Life Beyond Studios), to launch an innovative metaverse ecosystem token on the Bitcoin network using the Ordinals protocol. Darewise Entertainment, a subsidiary of Animoca Brands, aims to construct a comprehensive metaverse ecosystem centered around Bitcoin Ordinals. Animoca Brands wants to create a BRC-20 token Bitcoin Ordinals is a protocol that enables users to record NFT-like assets onto the Bitcoin blockchain and create BRC-20 tokens on the…

    Article 2023年9月18日

  • Worldcoin Price Prediction 2023 – 2030: How High Will WLD Go?

    Description Worldcoin, spearheaded by OpenAI chief Sam Altman, launched on Monday, 24 July 2023, after years in development, promising to verify users’ identity by iris-scanning and intending to solve one of the more pressing problems posed by recent advances in artificial intelligence. When it surged in price as an opening salvo, there was a flurry of criticisms about … Read more Worldcoin, spearheaded by OpenAI chief Sam Altman, launched on Monday, 24 July 2023, after years in development, promising to verify users’ identity by iris-scanning and intending to solve one of the more pressing problems posed by recent advances in artificial intelligence. When it surged in price as an opening salvo, there was a flurry of criticisms about it, but a placating long essay by Vitalik Buterin seems to have illuminated naysayers. WorldCoin, which has no relation to Altman’s Worldcoin, experienced a significant surge between May 15 and May 17, despite no new updates from the project. Instead, the surge likely came from the latest buzz around Altman’s project, leading to confusion among investors. The obscure token, launched in 2013 with a market cap of about $9 million, benefited from the…

    Article 2023年7月26日
TOP