Pendle Hack Saved $105 Million From Further Draining Amid Attack

Key points:

• DeFi protocol Pendle says it saved around $105 million from being further drained following a $27 million hack of Pendle-based yield optimizer Penpie.
• In a post-mortem, the project said funds on Pendle were not at risk, and normal operations have since resumed, though Penpie remains paused.

Pendle hack safeguarded $105M in funds after Penpie exploit, though $27.3M was stolen. Pendle resumed normal operations and offered negotiations with the hacker.

Pendle Hack: $105 Million Safeguarded

DeFi project Pendle has secured around $105 million in funds following a hack of the ecosystem’s yield optimizer Penpie. In a postmortem report, Pendle explained that a quick contract pause prevented further breaches.

The project stressed that normal operations have been restored and reassured users that their funds are safe. The security breach stemmed from a unique feature that allows permissionless listings, which the attacker exploited.

Read more: Pendle Domain Hijacking Be Warned, User Funds Are Safe

$27.3 Million Stolen in Penpie Exploit

Despite securing most of the funds, the hacker managed to steal $27.3 million by launching a malicious “evil market” contract that inflated the staking balance on Penpie. This allowed the attacker to claim rewards fraudulently.

In response, Penpie paused its protocol and was willing to negotiate with the hacker, offering security, no legal action, and bounty rewards in exchange for cooperation.