- Penpie Hacker and Fund Laundering
- Continued Attacks and Security Measures
- Significant Incidents and Statistics
On September 3, the hacker behind the Penpie protocol attack siphoned around $7 million of stolen funds through the cryptocurrency mixer Tornado Cash within 12 hours of draining $27 million.
Penpie Hacker and Fund Laundering
On September 4, Web3 security firm Cyvers reported about the hacker transferring 26% of the stolen funds to a Tornado Cash address. According to blockchain security firm PeckShield, the hacker continues to launder the stolen funds through multiple transactions to various Tornado Cash addresses.
The Penpie protocol suspended all deposits and withdrawals following the $27 million hack.
Continued Attacks and Security Measures
"At 1745 UTC, the attacker deployed the first contract to be used for the attack," Pendle said in an X post on September 4. Pendle said it contacted security experts Seal 911 to help stop any subsequent related attacks. All contracts on Pendle were suspended, which helped stop any further attempts to drain assets from Penpie, ultimately safeguarding $105M that the attacker might have been able to drain from Penpie.
> "At 0050 UTC, after rigorous checks and coordination with all relevant parties to confirm step 1 and 2, Pendle contracts were safely unpaused, and normal operations resumed."
Significant Incidents and Statistics
An Immunfi report from August 29 pointed out that more than $1.2 billion in funds have been stolen through hacks and exploits so far this year, a 15.5% rise compared to the same period in 2023 when losses totaled a little over $1 billion.
On September 3, the United States Federal Bureau of Investigation (FBI) warned that North Korean cyber criminals were targeting employees at decentralized finance and cryptocurrency firms to steal funds through "complex and elaborate" social engineering campaigns.
On September 1, security firm PeckShield said that financial losses from hacks exceeded $313 million in August 2024. Two of the most significant attacks during the month resulted in the theft of about $238 million in Bitcoin (BTC) and $55 million in Dai (DAI).
These recent incidents highlight the need for strengthened security measures in the cryptocurrency and decentralized finance spaces. Companies continue to take steps to prevent further attacks and restore their operations after incidents.
