- Incident and Security Measures
- Details of the Attack
- Response and Consequences
Pendle, a well-known decentralized finance (DeFi) protocol, announced that it successfully safeguarded around $105 million in funds following a recent cyber attack on Penpie, a yield optimization tool within the Pendle ecosystem.
Incident and Security Measures
The incident occurred on Tuesday, targeting Penpie’s protocol and raising significant security concerns. According to a post-attack report released early Wednesday, Pendle acted swiftly to contain the damage. The protocol’s contracts were paused immediately, preventing further exploitation.
Details of the Attack
Despite these efforts, the attacker succeeded in exploiting Penpie’s protocol, resulting in the theft of approximately $27.3 million. Lookonchain reported that the stolen assets were converted into 11,109 ETH. Blockchain security company PeckShield identified the exploit as a result of a malicious contract designed to artificially inflate staking balances on Penpie, allowing the attacker to claim undue rewards.
Response and Consequences
The platform assured users that their funds are safe and unaffected, highlighting its ongoing dedication to security. Following the incident, PENDLE has experienced a 10% decline in value over the past 24 hours. The market cap and trading volume also down by 10% and 5%, respectively. Penpie, which remains inactive, has proposed negotiating with the attacker. The offer includes immunity from legal action, and confidentiality regarding the attacker’s identity. And a bounty reward as an incentive for returning the stolen funds.
In conclusion, despite significant losses, Pendle's swift response helped prevent further attacks and restore the security of its contracts, underscoring the importance of coordinated security measures in the DeFi sector.
