WEB3
by BSCN
July 31, 2023
The Curve Finance team is trying to mitigate the impact after disabling the affected pools.
The Decentralized Finance (DeFi) ecosystem suffered a significant blow on July 30, 2023, when Curve Finance was hacked. The hacker exploited a vulnerability in the Vyper compiler, making off with over $24 million.
Vyper, a smart contract programming language widely employed in various DeFi protocols, incorporates a reentrancy lock to halt unauthorized funds draining from smart contracts. Unfortunately, a flaw in this security feature enabled the hacker to exploit the Curve Finance swap pool to authorize the withdrawals.
The attacker implemented a series of transactions that duped the swap pool into believing it was still in interaction, allowing them to bypass waiting for transaction completion. Protocols, including Alchemix, MetronomeDAO, and JPEG’d were also affected, resulting in an overall dip in $CRV token prices and shaking confidence in DeFi protocol security. The $CRV token is currently down by 15% in the last 24 hours, according to CoinMarketCap.
Prompt response from the Curve Finance team involved disabling the affected pools and commencing fixes on the Vyper vulnerability. They communicated actively with Coffeebabe.eth, planning to shift the exploited funds to cold storage and reimburse involved parties.
The incident underscores the vulnerabilities in DeFi protocols, highlighting the need for meticulous smart contract development and heightening user awareness about potential risks in DeFi utilization. BSC News will keep following the protocol’s movement in the industry.
Latest News
October 22, 2024
Do Betting Odds Know Best?
October 22, 2024
Michael Saylor's Legacy: Donating His Bitcoin Wealth to Humanity, Inspired by Satoshi Nakamoto
October 22, 2024
MakerDAO May Return as Core Brand After Sky Rebrand Faces Backlash
October 22, 2024
Bitcoin Spot ETFs Records $2.67B in Inflows in Just One Week
October 22, 2024
Chainlink and ANZ Collaborate on Private Transactions for Tokenized Real-World Assets
October 21, 2024
Transak Data Breach Exposes 92K Users: Employee Phishing Attack, Ransomware Group Claims Responsibility
October 21, 2024
Ripple Co-Founder Chris Larsen Donates $10 Million to Kamala Harris' Presidential Campaign Amid Divided Crypto Industry Support
October 21, 2024
Pump.fun Unveils New "Pump Advance" Trading Terminal, Teases Native Token Release