Ethereum DeFi Protocol Hacked: $3.2M Gone in a Flash
An incident occurred where a DeFi protocol, Conic Finance (CNC), built on the Ethereum platform, was hacked for approximately $3.2 million.
The hack targeted the protocol’s Ethereum omnipool, leading Conic Finance to promptly disable deposits into it.
Seems @ConicFinance was exploited for $3.26M in tx: https://t.co/K0VjnFprAE
The stolen funds were sent to 0x3d32C5a2E592c7B17e16bdDc87EAb75f33ae3010 pic.twitter.com/mZr4MOkMQF
— Beosin Alert (@BeosinAlert) July 21, 2023
Following the attack, Conic Finance took action to fix the exploit and ensured that it could not happen again in the future.
The hack was attributed to a re-entrancy attack, which was possible due to a mistaken assumption about the returned address by the Curve Meta Registry for ETH in Curve V2 pools. The affected contract has been updated to address this vulnerability.
Conic Finance assured users that the exploit could not be repeated for the ETH Omnipool and that withdrawals were safe.
READ MORE: XRP Ruling Stands Strong on Appeal, According to Lawyer Jeremy Hogan
They also cautioned users about potential scams related to fund recovery, clarifying that they had contacted the perpetrator through an official transaction and warned against other suspicious recovery attempts.
As a consequence of the hack, CNC’s price experienced a substantial drop of 77.16%, plummeting from $5.92 to $1.34. However, it has since recovered and is currently trading at $2.90 at the time of writing.