A DeFi protocol, Conic Finance (CNC), running on the Ethereum platform, recently fell victim to a hacker attack, resulting in a staggering loss of approximately $3.26 million. The security breach affected the protocol’s Ethereum omnipool, prompting immediate action from Conic Finance. The exploit, however, was quickly rectified, and the team assures users that their funds are safe. Let’s delve deeper into the details of the incident and Conic Finance’s response.
The Exploit and Revelation
According to crypto security firm Beosin, Conic Finance, a provider of omnipools facilitating single-traded liquidity pools for Curve Finance (CRV), was the target of the hacker attack, leading to the theft of $3.26 million worth of assets. The vulnerability only affected the protocol’s Ethereum omnipool, prompting the team to take immediate action.
Swift Response and Resolution
In response to the breach, Conic Finance promptly disabled deposits into the compromised Ethereum omnipool. Following swift and thorough analysis, the root cause of the exploit was identified as a re-entrancy attack, made possible due to a mistaken assumption regarding the address returned by the Curve Meta Registry for ETH in Curve V2 pools.
Conic Finance reassured its users that the issue has been resolved, and measures have been put in place to prevent any recurrence of such attacks. The affected contract has been fixed, ensuring that the exploit cannot be executed again for the ETH omnipool. Additionally, Conic Finance verified that withdrawals remain safe and confirmed that no other omnipools within the protocol were impacted by this incident. The team will be releasing a comprehensive post-mortem report soon to provide further insight into the event.
Warning Against Scams
Conic Finance has taken steps to reach out to the bad actor responsible for the exploit through an official transaction sent from the Conic Multisig address. The team warns users to be cautious of any other transactions claiming to recover funds on behalf of Conic Finance, as they are likely to be scams.
Market Impact
The security breach had significant repercussions for Conic Finance’s native digital asset, CNC. On the day of the incident, the token experienced a drastic plummet of 77.16%, dropping from $5.92 to $1.34. However, it’s noteworthy that the asset has since shown signs of recovery, currently trading at $2.90 at the time of writing.
Disclaimer: The information provided in this article is for informational purposes only and should not be construed as financial or investment advice. Cryptocurrency investments are subject to market risks, and individuals should seek professional advice before making any investment decisions.
Comments are closed.