1. BITBILIHome
  2. Article

Curve Finance hacker returns part of stolen funds

139 views

TL;DR Breakdown

  • Curve Finance lost $24 million in a DeFi exploit.
  • The hacker returned $5.4 million of the stolen funds.
  • Curve’s total value locked (TVL) dropped 43% after the incident.

Description

On July 30, Curve Finance, a prominent stablecoin lending protocol, experienced a significant exploit on several stable pools. The exploit was traced back to vulnerabilities in specific versions of the Vyper compiler, a smart contract programming language for the Ethereum Virtual Machine (EVM), Cryptopolitan reported. However, the affected versions were 0.2.15, 0.2.16, and 0.3.0. The … Read more

On July 30, Curve Finance, a prominent stablecoin lending protocol, experienced a significant exploit on several stable pools. The exploit was traced back to vulnerabilities in specific versions of the Vyper compiler, a smart contract programming language for the Ethereum Virtual Machine (EVM), Cryptopolitan reported.

However, the affected versions were 0.2.15, 0.2.16, and 0.3.0. The exploit mechanism, known as “malfunctioning reentrancy locks,” allowed the attacker to bypass the intended safeguards and drain funds from the targeted contracts.

According to Curve Finance CEO Michael Egorov in a Telegram channel, the swap pool has been drained of 32 million CRV tokens, which are worth over $22 million. However, experts estimate that the total loss could be more than $40 million.

Impact on DeFi ecosystem and Curve Finance

The exploit significantly impacted the DeFi ecosystem, with several projects reporting substantial financial losses. These include decentralized exchange Ellipsis, Alchemix’s alETH-ETH pool, JPEGd’s pETH-ETH pool, and Metronome’s sETH-ETH pool. The total losses were estimated to be upwards of $24 million. The incident triggered a wave of panic across the DeFi ecosystem, prompting a flurry of transactions across various pools. In response to the news, Curve Finance’s native token, CRV, experienced a decline of over 5%.

Hacker returns some funds, and future measures

In a surprising turn, the exploiter returned some of the stolen funds to the protocol. PeckShield, a blockchain security company, reported that the Curve exploiter had returned 2,879 ETH, worth around $5.4 million, to the protocol deployer address. The incident underscores the importance of robust security measures in DeFi protocols. As the investigation progresses and more updates unfold concerning the hack,  developers are expected to work closely with the Vyper team to address the vulnerabilities and prevent future exploits.

It is important to know that this is not the first time Curve Finance has been a target of attack. Its Conic Finance omnipool was exploited last week, resulting in a loss of $3.6 million in Ethereum due to a reentrancy attack.

Additionally, Curve Finance’s total value locked has decreased by 43% since the exploit, dropping from $3.26 billion to $1.87 billion, as reported by DeFiLlama. At the time of press, the CRV token is down by 12%, and trading at $0.645336.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

文章来源于互联网:Curve Finance hacker returns part of stolen funds

Disclaimers:

1. You are solely responsible for your investment decisions and this info is not liable for any losses you may incur.

2. The copyright of this article belongs to the writer, it represents the writer's opinions only, not represents the site's ones. Not financial advice.

Previous 2023年7月31日 20:01
Next 2023年7月31日 21:00

Related articles

  • Yield Protocol achieves full recovery following costly Euler flash loan attack

    TL;DR Breakdown Yield Protocol, a key player in the DeFi space, has successfully recovered from the Euler flash loan attack along with 10 other affected DeFi platforms. The restoration process involved deploying new contracts and executing numerous permissioned calls to reset fixed-yield token maturities and restore functionality. Description  Yield Protocol, a key player in the decentralized finance (DeFi) space, has announced its full recovery following the costly Euler flash loan attack.  The protocol, along with 10 other DeFi platforms, suffered significant losses in the wake of the attack on noncustodial lending protocol Euler Finance in March​. Following the incident, Yield Protocol was forced … Read more  Yield Protocol, a key player in the decentralized finance (DeFi) space, has announced its full recovery following the costly Euler flash loan attack.  The protocol, along with 10 other DeFi platforms, suffered significant losses in the wake of the attack on noncustodial lending protocol Euler Finance in March​. Following the incident, Yield Protocol was forced to suspend mainnet borrowing, reporting losses from its liquidity pools of under $1.5 million. Euler Finance, the primary victim,…

    Article 2023年6月30日

  • Binance CEO’s shocking decision – why he almost shut down US arm

    TL;DR Breakdown Reports suggest that CEO Changpeng Zhao considered shutting down Binance’s arm in the United States as a means of safeguarding the global company.  The exchange and its CEO, Changpeng Zhao, have faced intensified regulatory scrutiny in the United States. Despite these challenges, the exchange has continued to expand its global operations. In a recent announcement, Binance unveiled the launch of Binance Japan on August 1. Description Binance, one of the world’s largest cryptocurrency exchanges, has found itself embroiled in regulatory challenges and faced mounting pressure from US regulators in recent months. Reports suggest that CEO Changpeng Zhao considered shutting down the platform’s arm in the United States as a means of safeguarding the global company. However, a unanimous decision to liquidate … Read more Binance, one of the world’s largest cryptocurrency exchanges, has found itself embroiled in regulatory challenges and faced mounting pressure from US regulators in recent months. Reports suggest that CEO Changpeng Zhao considered shutting down the platform’s arm in the United States as a means of safeguarding the global company. However, a unanimous decision to…

    Article 2023年8月2日

  • DOJ urges court to stop SBF’s expert witnesses from testifying

    TL;DR Breakdown The DOJ has urged the court to bar SBF’s expert witnesses from testifying in the ongoing legal battle. Defense and prosecutors lock horns over testimony admissibility. Description As the trial of FTX founder Sam Bankman-Fried approaches, a legal tug-of-war over proposed witnesses has emerged between the defense and the Department of Justice (DOJ). Both parties have submitted their views on why certain witnesses should be disqualified from testifying, shedding light on the strategies they intend to employ in the upcoming trial involving … Read more As the trial of FTX founder Sam Bankman-Fried approaches, a legal tug-of-war over proposed witnesses has emerged between the defense and the Department of Justice (DOJ). Both parties have submitted their views on why certain witnesses should be disqualified from testifying, shedding light on the strategies they intend to employ in the upcoming trial involving fraud and conspiracy charges. DOJ wants SBF’s witnesses barred from testifying Bankman-Fried’s defense team has raised concerns about the financial analysis expert put forth by the DOJ. They argue that the proposed testimony might not be permissible under…

    Article 2023年8月29日

  • Former SEC and CFTC chairs call for collaborative approach to crypto regulation

    TL;DR Breakdown Former SEC and CFTC chairs, Clayton and Massad believe there are better approaches for regulating cryptocurrencies than litigation. They argue that lawsuits cannot address the need to adjust existing laws to accommodate the unique nature of digital tokens. Clayton and Massad emphasize the importance of establishing clear regulatory frameworks for the crypto market instead of relying solely on enforcement. Description Former SEC Chair Jay Clayton and former CFTC Chair Timothy Massad have expressed their belief that there are better paths for regulating the cryptocurrency industry than litigation. In a recent article published in the Wall Street Journal, they argue that lawsuits cannot adequately address the need for adjusting existing laws to accommodate the unique characteristics … Read more Former SEC Chair Jay Clayton and former CFTC Chair Timothy Massad have expressed their belief that there are better paths for regulating the cryptocurrency industry than litigation. In a recent article published in the Wall Street Journal, they argue that lawsuits cannot adequately address the need for adjusting existing laws to accommodate the unique characteristics of digital tokens. According to…

    Article 2023年7月9日

  • SEC raises concern over Ceffu’s involvement with Binance 

    TL;DR Breakdown The US SEC adds troubles to Binance with the recently filed motion to allow the inspection of Binance.US and its supposed shadow partnership with Ceffu. The SEC describes Binance’s CEO, Zhao, as an individual who views himself as above the law and not limited to the confines of any jurisdiction. SEC claims that the new platform, Ceffu, is simply a rebrand of Binance Custody and serving the parent company, currently being used to transfer money belonging to investors out of the country, contrary to an agreement both parties had. Description The United States Securities and Exchange Commission (SEC) has filed a motion at a District of Columbia court to allow the inspection of Binance.US. The ground of this motion was that the organization has failed to disclose documents needed in another suit between both parties. Earlier this year, the SEC sued Binance Holdings, the company … Read more The United States Securities and Exchange Commission (SEC) has filed a motion at a District of Columbia court to allow the inspection of Binance.US. The ground of this motion was…

    Article 2023年9月19日
TOP