cryptocurrency widget, price, heatmap
arrow
Burger icon
cryptocurrency widget, price, heatmap
News/Pendle's Swift Action Saves $105M After Penpie $27M Hack

Pendle's Swift Action Saves $105M After Penpie $27M Hack

Van Thanh Le

Sep 5 2024

3 months ago3 minutes read
Cubic robot defends secure networks against hacker storm vortex

Penpie Protocol Hit Hard by $27 Million Hack

Penpie, a decentralized finance (DeFi) protocol based on the Pendle yield platform, was rocked by a major hack on September 3, 2024. The breach, driven by a malicious "evil market" contract, resulted in the theft of roughly $27 million in crypto assets. 

The attacker manipulated a vulnerability to inflate staking balances fraudulently, allowing them to collect rewards unlawfully. Among the stolen assets were staked Ethereum (ETH), Ethena’s sUSDE, and wrapped USDC. These were swiftly converted to ETH through the Li.Fi protocol. 

The hacker initiated the attack by transferring 10 ETH (worth about $25,000) to an address via Tornado Cash, a crypto mixer used to obscure transactions. Within 12 hours, $7 million—26% of the total stolen amount—was laundered through Tornado Cash. The attacker has continued to move stolen assets through various Tornado Cash addresses, making it challenging to track the funds.

Penpie's native token (PNP) suffered a significant drop, falling by 40% post-attack, while Pendle's token (PENDLE) saw an 8% decline before partially recovering. In response, Penpie promptly paused all contracts to prevent further asset loss. 

chart.png

Pendle, though not directly compromised, also suspended contracts temporarily to protect users and collaborate with Penpie. This decisive action helped save $105 million worth of funds on Pendle from further potential loss. 

As of September 4, 2024, Pendle resumed normal operations after thorough checks, while Penpie remains paused as it assesses the damage and mitigates future risks. Security experts from Seal 911 have been engaged to bolster defenses.

The Penpie hack underscores a troubling trend in 2024, where crypto hacks have surged. By August, over $313 million in crypto assets had been stolen, reflecting a rise in DeFi vulnerabilities. 

A report from Immunefi reveals a staggering $1.2 billion lost across 154 incidents this year, marking a 15.5% increase compared to 2023. North Korean hackers have notably intensified their activities, with the FBI warning on September 3 about targeted attacks on DeFi and crypto sector employees. 

Recent months have seen other significant breaches, including a $238 million Bitcoin theft and a $55 million DAI hack in August 2024, as well as a $234.9 million hack at WazirX in July. These incidents highlight the escalating risks facing crypto platforms and the urgent need for enhanced security measures.

This article has been refined and enhanced by ChatGPT.

cryptocurrency widget, price, heatmap
v 5.7.30
© 2017 - 2024 COIN360.com. All Rights Reserved.