Key Points:
The root cause of the attack was identified as a “re-entrancy attack,” which exploited a wrong assumption about the address returned by the Curve Meta Registry for ETH in Curve V2 pools.
The re-entrancy attack is a well-known vulnerability in smart contracts that allows attackers to repeatedly call a protocol, tricking it into transferring assets. In this case, the attacker took advantage of a discrepancy in the price data provided by the oracle, enabling them to manipulate the pricing system and withdraw the stolen funds.
Conic Finance has been proactively addressing the issue and is deploying a fix to the affected contract to prevent further exploits. The protocol has confirmed that the exploit cannot be performed again on the ETH Omnipool, and user withdrawals are secure. Additionally, they assured the community that no other Conic Omnipools were affected by this particular issue.
The incident highlights the significance of oracle systems in DeFi, as they provide real-time price data for various assets. However, they also present a potential attack vector for hackers seeking to exploit vulnerabilities in the system.
This exploit came shortly after another DeFi platform, Sturdy Finance, suffered a similar oracle manipulation attack that resulted in an $800,000 loss. These incidents underscore the importance of ongoing vigilance and security measures within the DeFi ecosystem.
Conic Finance aims to provide a more detailed post-mortem analysis of the exploit soon, shedding light on the specific factors that allowed the re-entrancy attack to occur and the measures taken to prevent such occurrences in the future.
As the DeFi space continues to evolve, ensuring the security and integrity of protocols remains a top priority to safeguard user funds and foster trust in the ecosystem.
DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Bitcoin Spot ETF inflows hit $1.005B on Nov 21, led by BlackRock’s $608M and Fidelity’s…
Discover the best cryptos to buy and hold today: Qubetics leads with 1000x potential, Ethereum…
With the platform facing a cracked whip, Trump Media company is expanding into new business…
Major crypto firms, including Ripple, Kraken, and Circle, are competing for spots on President-elect Donald…
Analysts highlight a breakout alert as Shiba Inu (SHIB), and Dogecoin show signs of recovery…
SEC Chair Gary Gensler will step down on January 20, 2025, coinciding with President-elect Donald…
This website uses cookies.