Conic Finance lost $3.2 million

Carding

Carding

Professional
Messages
2,870
Reaction score
2,511
Points
113
92cdbfc2f2.png


The attacker hacked the Conic Finance DeFi protocol, which is focused on the Curve platform. He withdrew about 1700 ETH (~$3.26 million).

According to analysts at Beosin, a hacker exploited the re-entry vulnerability by gaining access to the protocol's price oracle to manipulate the prices of steCRV, cbETH/ETH-f, rETH-f tokens and others.

This allowed the cracker to withdraw more liquidity tokens than he deposited. The perpetrator also borrowed 20,000 stETH to increase his income.

According to Conic, the exploit only affected the Omnipool pool on the Ethereum network. The protocol team is currently investigating the details of the incident.

According to PeckShield, the main attack contract was CurveLPOracleV2. Analysts emphasized that this component was not part of their audit.
 
You must log in or register to reply here.

Similar threads

Man
Tapioka DAO was exploited and lost $1.6 million worth of TAP tokens
Replies
1
Views
348
Man
Man
Man
Polter Finance Goes Out of Operations After $12 Million Hack
Replies
0
Views
316
Man
Man
Professor
DeFi Fraud: When Code Isn't Law, It's a Weapon. How Smart Contracts Became Automated Cash Registers for Legitimate Robbery
Replies
0
Views
276
Professor
Professor
chushpan
The hacker who stole 2930 ETH ($5.4 million) from zkLend lost all his funds. He was robbed by another hacker.
Replies
0
Views
486
chushpan
chushpan
Friend
Lesson Not Learned: Onyx Loses $3.8 Million Due to Old Vulnerability
Replies
0
Views
358
Friend
Friend
Back
Top