Disclaimer: Information found on CryptoreNews is those of writers quoted. It does not represent the opinions of CryptoreNews on whether to sell, buy or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk.
CryptoreNews covers fintech, blockchain and Bitcoin bringing you the latest crypto news and analyses on the future of money.
Conic Finance, a platform for balancing liquidity pools associated with the decentralized finance (DeFi) protocol Curve, recently encountered a major setback due to an exploit on the Ethereum omnipool, leading to a significant loss of $3.26 million in Ether (ETH).
In the aftermath of the incident, the price of ETH fell to $1,892 as of July 21, according to Beosin Alert, a trusted Web3 risk-alert provider. Their findings indicated that the stolen funds were quickly aggregated and moved to a new Ethereum address, highlighting the complexity of the attack.
Upon examining the address, Etherscan identified the use of a flashloan exploit on Coin ETH Pool, which likely aided in executing the attack. In light of the breach, Conic Finance promptly took to Twitter to confirm the occurrence and assured users that a comprehensive investigation was already in progress. They committed to providing ongoing updates as they became available.
Blockchain security firm Peckshield performed an initial assessment, uncovering that the exploit’s origin stemmed from the new CurveLPOracleV2 contract. Notably, a similar read-only reentrancy issue had been flagged in their audit. However, the newly implemented CurveLPOracleV2 contract, which was outside the audit’s purview, was the actual source of the vulnerability.
Related Posts
In a swift response, Conic Finance enacted further precautionary measures within an hour of the initial report, disabling ETH Omnipool deposits on the front end of their platform. Curve Finance, which is associated with Conic Finance, confirmed the incident and reassured users that only the ETH omnipool had been impacted.
Unfortunately, DeFi hacks have increasingly become a prevalent issue within the sector. A recent report by De.Fi, a Web3 portfolio application, revealed that in the second quarter of 2023 alone, hackers successfully stole over $204 million through various DeFi hacks and scams. While this figure is concerning, the losses from DeFi exploits and scams in Q2 were notably lower than those recorded in Q1, where CertiK reported an alarming $320 million lost from January to March.
As a result, the exploit on Conic Finance’s liquidity pool has sparked significant concerns regarding the security and vulnerability of DeFi protocols. As the industry progresses, it is crucial for platform developers and security firms to work closely together to address and prevent such incidents, thereby protecting users’ funds and maintaining trust in the DeFi ecosystem.
In summary, the DeFi market must stay alert in enhancing its security protocols. Ongoing efforts to strengthen systems and proactively tackle vulnerabilities will be vital for ensuring the long-term stability and growth of the decentralized finance sector.
The post Conic Finance’s Ethereum Exploit Raises Alarms About DeFi Security appeared first on BitcoinWorld.
