Cybercriminals illegally accessed and stole from the Conic Finance decentralized finance platform. They took 1,700 Ethereum cryptocurrency tokens, which are worth over $3.2 million based on current prices.
In a tweet posted on Friday, Conic Finance stated “continuing to investigate the root cause of the exploit and are consulting with relevant parties.”
The developers of the decentralized finance protocol stated that the root cause of the breach was a reentrancy attack. They mentioned that a fix for the vulnerable smart contract is being deployed. The team later confirmed that withdrawals are now safe and that they will provide a more comprehensive analysis of the incident in the future.
According to blockchain security firm Beosin, all of the stolen cryptocurrency was transferred to a single address. Beosin shared the details of the transaction in a tweet.
Conic Finance is a decentralized finance application that enables users to earn rewards by depositing tokens into its omnipools, which provide diversified liquidity across the Curve decentralized exchange.
The attackers compromised the Ethereum omnipool within Conic Finance. In response, Conic Finance has temporarily suspended deposits into the affected Ethereum pool.
Exploiting vulnerabilities are very prevalent in decentralized finance (DeFi) applications, which aim to disrupt traditional financial services through blockchain technology.
As these DeFi platforms are relatively new and experimental, they can sometimes contain flaws that hackers can capitalize on. Per blockchain analytics company Chainalysis, last year saw the highest amount of hacking activity ever in the cryptocurrency ecosystem.
The majority of cryptocurrency hacking occurs in decentralized finance (DeFi) platforms. DeFi traders suffered $228 million in losses just in the second quarter of this year, representing a 63% rise from the same quarter last year.
According to the bug bounty platform Immunefi, the two primary incidents contributing to most of these losses were the June 3 cyberattack on Atomic Wallet and the May 23 exit scam conducted by the now-closed Fintoch platform.
Immunefi’s analysis revealed that certain blockchain networks were attacked more frequently. 77% of the losses came from hacks on the BNB Chain and Ethereum blockchains, with Arbitrum accounting for 12% of the stolen funds. Attacks on Arbitrum were especially remarkable since there were zero incidents in the same quarter last year. This data shows that BNB Chain, Ethereum, and Arbitrum were the most targeted platforms by hackers in the last quarter.
#Ethereum #Hackers #DEFI
