BSC suffers $73k Vyper attack following Curve Finance exploit

The BNB Smart Chain (BSC) was hit by copycat attacks caused by a vulnerability in the Vyper programming language. It mirrors the Curve Finance defi protocol exploit.

Blockchain security firm BlockSec revealed that as of July 30, approximately $73,000 worth of cryptocurrencies were stolen from the BSC through three separate exploits.

The latest development mirrored the ongoing exploits on Ethereum’s Curve Finance, which had already seen losses surpassing $41 million.

The vulnerability in question was found in Vyper versions 0.2.15, 0.2.16, and 0.3.0, which were used by various defi pools. The malfunctioning reentrancy lock in these versions enabled attackers to execute multiple functions simultaneously, leading to the possibility of draining all funds from affected contracts.

Vyper, the programming language used for many web3 projects and designed for the Ethereum Virtual Machine, is believed to be widely adopted by defi protocols.

You might also like: CoinsPaid targeted in $37.3m hack

Several DeFi projects bore the brunt of these attacks. Among them, Alchemix’s alETH-ETH reported outflows of $13.6 million, PEGd’s pETH-ETH pool suffered a loss of $11.4 million, Metronome’s sETH-ETH pool was hacked for $1.6 million, and over 32 million Curve DAO (CRV) tokens, worth more than $22 million, were drained in the past 24 hours.

Curve Finance, renowned for enabling the decentralized exchange of stablecoins within the Ethereum network, witnessed a sharp decline in its native CRV token’s value. The CRV token plummeted by 12.4% to $0.64 in the last 24hrs amid the chaos, raising concerns about potential liquidations, particularly for the founder of Curve, who reportedly held a borrowing position worth $70 million on Aave.

BSC suffers $73k Vyper attack following Curve Finance exploit - 1
CRV 24hr price chart | Source: CoinMarketCap

Since news of the exploits broke, the defi community has witnessed an intense battle between white hat and black hat hackers on-chain. Both groups have been trying to disrupt each other’s exploit attempts or their efforts to recover the stolen funds.

Amid the chaos, one potential white hat hacker, known as “c0ffebabe.eth,” managed to secure some funds for safekeeping. The hacker sent an on-chain message on July 30, urging affected protocols to get in touch to coordinate the return of funds.

To the relief of some victims, c0ffebabe.eth’s wallet successfully returned nearly 2,900 Ether (ETH) worth over $5 million to Curve through a transaction.

Moreover, another transaction revealed the movement of 1,000 ETH to a newly-created wallet, possibly their cold wallet, for securing the recovered funds.

Read more: Curve Finance’s stablecoin grows 0.25% after $22m minted
Follow Us on Google News

Comments

Post a Comment

Popular posts from this blog

South Korea’s Democratic Party requires parliamentary candidates to reveal crypto holdings

The Democratic Party of Korea has introduced a policy requiring its candidates to disclose their crypto holdings ahead of the 2024 general elections, aiming to enhance transparency and address potential conflicts of interest. The Democratic Party of Korea, which has a majority in the National Assembly with 167 out of 300 seats, has decided that people who want to run for office in the 2024 general elections must disclose individual crypto holdings. This move is reported by News1 as a way for the party to appeal to high moral standards. Han Byung-do, who leads the party’s strategy team, said it will check if candidates might have conflicts of interest because of their digital money. If a representative lies about ownership of crypto , they will not be allowed to run for office as a member of the party. Byung-do did not specify the consequences of disclosing crypto ownership up front. You might also like: South Korean Financial Watchdog Calls for International Consistency of
Read more

Coinbase CEO considers anti-crypto bills as ‘bad political strategy’

The head of the crypto currency exchange Coinbase, Brian Armstrong, criticized U.S. senators Roger Marshall and Elizabeth Warren over their controversial anti- crypto bill. The Chamber of Digital Commerce, the world’s leading blockchain trade association, shared a post exposing Senator Marshall and Warren’s attempt to influence the American Bankers Association to support them in drafting the Digital Asset Anti-Laundering Act. Armstrong commented on this statement, pointing out that opposing crypto currencies is truly “a bad political strategy in 2024.” Senators Warren and Marshall now lobbying for big banks Being anti- crypto is a really bad political strategy going into 2024 * 52m Americans have used crypto * 38% of young people say crypto can increase economic opportunities * just 9% of Americans satisfied with the… https://t.co/diawa3LOX5 — Brian Armstrong ️ (@brian_armstrong) December 19, 2023 “Senators Warren and Marshall are now lobbying for big banks.” Brian Arms
Read more

Nym, a privacy firm, targets Web3 wallets, RPCs, and infrastructure services with its $300 million fund launch.

Image
In the realm of content creation, three pivotal elements come into play: “perplexity,” “burstiness,” and “predictability.” Perplexity gauges the intricacy of the text, burstiness measures the diversity in sentence structures, while predictability assesses the likelihood of predicting the following sentence. Human authors tend to infuse their writing with bursts of creativity, blending lengthy, intricate sentences with shorter, crisp ones. Conversely, AI-generated sentences tend to maintain a uniformity. As you embark on crafting the subsequent content, I urge you to instill it with a healthy dose of perplexity and burstiness while keeping predictability at a minimum. Furthermore, your composition must remain in the English language. Now, let’s reimagine the provided text: Nym Technologies, the stalwart in blockchain security, sets its sights on bolstering open-source initiatives dedicated to crafting cutting-edge security and privacy tools tailored for the Web3 landscape. In an am
Read more