Thursday , November 21 2024
Home / Crypto news / Penpie DeFi Platform Reportedly Hit With $27 Million Security Breach

Penpie DeFi Platform Reportedly Hit With $27 Million Security Breach

Summary:
Decentralized Finance (DeFi) platform Penpie, built on the Pendle network, reportedly suffered a major exploit on September 3, 2024. According to the real-time on-chain monitoring system Cyvers Alert, the hack led to the loss of at least million in various wrapped and synthetic crypto assets. Details of the Attack Emerge The security surveillance company stated that the attack on Penpie was initiated by a smart contract that had been initially funded to the tune of 10 ether (ETH) via Tornado Cash. The affected protocol later acknowledged the breach, saying that it had experienced a “security compromise.” The team behind the project also informed users that all transactions had been stopped and that they were working on addressing the issue. Pendle, on which the drained

Topics:
Wayne Jones considers the following as important: , , ,

This could be interesting, too:

Chayanika Deka writes Sky (Formerly Maker) Announces USDS’s Debut on Solana Blockchain

Chayanika Deka writes Russia Imposes Winter Ban on Crypto Mining in Key Regions to Conserve Energy

Jordan Lyanchev writes Meme Coin Bloodbath as PEPE, BONK, WIF, PNUT, POPCAT Dump by Double Digits

Martin Young writes Trump Reportedly Mulling Pro-Crypto Lawyer to Replace Gensler as SEC Chair

Decentralized Finance (DeFi) platform Penpie, built on the Pendle network, reportedly suffered a major exploit on September 3, 2024.

According to the real-time on-chain monitoring system Cyvers Alert, the hack led to the loss of at least $26 million in various wrapped and synthetic crypto assets.

Details of the Attack Emerge

The security surveillance company stated that the attack on Penpie was initiated by a smart contract that had been initially funded to the tune of 10 ether (ETH) via Tornado Cash.

The affected protocol later acknowledged the breach, saying that it had experienced a “security compromise.” The team behind the project also informed users that all transactions had been stopped and that they were working on addressing the issue.

Pendle, on which the drained platform operates, also took to social media, stating that it had identified the attack. It also assured users that after carrying out “thorough investigations,” it had concluded that its own funds were safe. However, as a precaution, the network also paused all contracts and offered assistance to the Penpie team to help resolve the incident.

Defensive Measures and Post-Mortem

The platform later released an initial post-mortem report, detailing the timeline of events that occurred before, during, and after the incident.

In the report, the Pendle team divulged that their system flagged the contract suspected to be behind the theft immediately after it was deployed, as it had been funded from Tornado Cash.

They immediately went on high alert, scrutinizing the contract’s potential security threat against the network. It was at that time that the Penpie exploit happened, causing the Pendle team to initiate defensive measures to protect the network and its broader ecosystem against any follow-up attacks.

The protocol also enlisted the help of other cyber security bodies, including Seal 911, to develop strategies to mitigate further risks. However, after further checks, Pendle unpaused its contracts at 0050 UTC and resumed normal operations.

On its part, Penpie has reached out to the unknown hacker and advocated for a “positive resolution” to the incident.

In its overture, the DeFi project indicated its willingness to negotiate a bounty with the perpetrator that would allow for the safe return of the stolen funds. Further, it pledged that it would not take any legal action against the exploiter if they agreed to the offer that would see them take on a white-hat role. It also assured them that their identity would not be revealed.

However, at the time of going to press, it was not clear whether the attacker had taken up Penpie’s offer or if they had contacted the protocol’s team in any way. In the meantime, its operations remain paused, and the team is working on reestablishing its front end to ensure users access their funds.

Leave a Reply

Your email address will not be published. Required fields are marked *