• Dapps:16.23K
  • Blockchains:78
  • Active users:66.47M
  • 30d volume:$303.26B
  • 30d transactions:$879.24M

Decentralized Finance Protocol Penpie Loses $27 Million in Hack

user avatar

by Giorgi Kostiuk

a year ago

  1. The Exploit and Its Consequences
  2. Response from Penpie and Pendle
  3. Penpie's Appeal to the Hacker


    4. On September 3, the decentralized finance (DeFi) protocol Penpie, built on Pendle, was hacked, resulting in the loss of $27 million in various cryptocurrencies.

    The Exploit and Its Consequences

    The stolen funds included Ether (ETH) and stablecoins like wrapped USDC and sUSDE, according to EmberCN. The hacker reportedly exploited a vulnerability in Penpie's security, converting most of the stolen assets into ETH and then transferring them to a new Ethereum address, making it difficult to trace. The hack was first brought to light by an X account, Chaofan Shou, affiliated with Fuzzland. The account reported that $17 million had been drained from Penpie, indicating that the protocol was unaware of the breach even after it had begun. This delay in response led to an additional $10 million in losses.

    Response from Penpie and Pendle

    Penpie confirmed the security breach in an X post approximately an hour after the hack began. The protocol immediately paused all deposits and withdrawals to prevent further losses. Pendle, the platform on which Penpie is built, also took action. They paused all contracts on Pendle as a precautionary measure, safeguarding approximately $105 million that could have been at risk. Pendle confirmed that their funds were secure and that the breach was specific to Penpie, not affecting the Pendle protocol itself.

    Alert: Penpie has encountered a security compromise. We have paused all deposits and withdrawals. Our team is working tirelessly to address it. Your patience and support are invaluable during this time. Stay tuned for further updates.Penpie

    Penpie's Appeal to the Hacker

    Penpie reached out to the hacker with an offer to negotiate a bounty for the safe return of the stolen funds. Penpie emphasized that they would not pursue legal action if the funds were returned. They also offered the hacker an opportunity to transition into a white-hat role, where their skills would be recognized and rewarded. The protocol stressed the importance of the stolen funds to their community and expressed a willingness to resolve the issue cooperatively.

    As of the latest updates, Penpie’s stolen funds have been partially transferred to Tornado Cash, making recovery efforts more challenging. Penpie is actively working to ensure that users can securely withdraw their remaining funds.

0

Rewards

chest
chest
chest
chest

More rewards

Discover enhanced rewards on our social media.

chest

Other news

Guidelines for UTME 2026 Registration Released

chest

The Joint Admission Matriculation Board (JAMB) has released guidelines for candidates wishing to register for the Unified Tertiary Matriculation Examination (UTME) 2026, including eligibility criteria and registration steps.

user avatarMohamed Farouk

JAMB Begins Preparations for UTME 2026

chest

The Joint Admission Matriculation Board (JAMB) has started preparations for the Unified Tertiary Matriculation Examination (UTME) 2026, including sensitization campaigns for candidates to verify their personal information.

user avatarElias Mukuru

Future Automation and Glamsterdam Upgrade Plans

chest

Developers are preparing for the next stage of automation and the upcoming Glamsterdam upgrade.

user avatarGustavo Mendoza

Fusaka Upgrade Smoothly Transitioned with Minor Issues

chest

The Fusaka upgrade went live smoothly, but there was a brief technical hiccup during the transition.

user avatarDiego Alvarez

Blob Capacity Increased Significantly Post Upgrade

chest

Etherscan confirmed a significant increase in blob capacity per block on the Ethereum network following the BPO fork, enhancing data management and reducing congestion.

user avatarKenji Takahashi

Ethereum BPO Fork Goes Live After Fusaka Upgrade

chest

The Ethereum BPO fork has officially gone live following the Fusaka rollout, marking the first time Ethereum has adjusted its blob parameters without a full hard fork.

user avatarMaria Fernandez

Important disclaimer: The information presented on the Dapp.Expert portal is intended solely for informational purposes and does not constitute an investment recommendation or a guide to action in the field of cryptocurrencies. The Dapp.Expert team is not responsible for any potential losses or missed profits associated with the use of materials published on the site. Before making investment decisions in cryptocurrencies, we recommend consulting a qualified financial advisor.