- Conic Finance, a DeFi liquidity pool platform, falls victim to a massive hack, losing over $3.2 million in ETH.
- As DeFi hacks surge, users question the safety of their funds and demand stronger security measures to protect their investments.
In a shocking turn of events, the decentralized finance (DeFi) platform, Conic Finance, has fallen victim to a massive exploit, leaving its users devastated. Hackers have made off with a staggering $3.2 million worth of Ether (ETH) from the platform’s omnipool. Is your hard-earned money at risk too?
The alarming breach was exposed by the Web3 risk-alert source Beosin Alert on July 21, sending shockwaves through the crypto community. Almost the entire stolen fortune was swiftly transferred to an undisclosed Ethereum address, making it an audacious and daring heist.
As the news broke, Conic Finance rushed to address the situation, reassuring its users via Twitter that they are diligently investigating the breach and will keep everyone updated. But how did the attackers manage to pull off such a colossal heist?
How a Contract Led to Conic Finance’s Catastrophic Hack
According to Peckshield, a leading blockchain security firm, the vulnerability in Conic Finance’s system stemmed from the new CurveLPOracleV2 contract. Shockingly, this security flaw, previously undetected during an audit, exposed Conic Finance to the mercy of hackers.
Our audit identifies a similar read-only reentrancy issue. However, the same issue is introduced in the newly introduced CurveLPOracleV2 contract, which was not part of the audit scope
In the aftermath of the attack, Conic Finance acted promptly, disabling ETH Omnipool deposits on its front end to halt any further damage. But is it enough to restore confidence in the platform’s security measures?
Unfortunately, this is not an isolated incident. DeFi hacks and scams have been on the rise, with staggering amounts of funds stolen in the past quarters. Reports suggest that in Q2 of 2023 alone, hackers managed to pilfer over $204 million from DeFi projects. The numbers from Q1 were even more alarming, reaching a whopping $320 million in losses, as reported by CertiK.
Crypto News Flash does not endorse and is not responsible for or liable for any content, accuracy, quality, advertising, products, or other materials on this page. Readers should do their own research before taking any actions related to cryptocurrencies. Crypto News Flash is not responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods, or services mentioned.
Credit: Source link