• Dapps:16.23K
  • Blockchains:78
  • Active users:66.47M
  • 30d volume:$303.26B
  • 30d transactions:$879.24M

The Hack of DeFi Protocol Penpie Leads to $27 Million Loss in Cryptocurrency

user avatar

by Giorgi Kostiuk

2 years ago

  1. The Exploit and Its Aftermath
  2. Penpie and Pendle's Response
  3. Penpie's Appeal to the Hacker


    4. On September 3, the decentralized finance (DeFi) protocol Penpie, built on Pendle, was hacked, resulting in the loss of $27 million in various cryptocurrencies.

    The Exploit and Its Aftermath

    The stolen funds included Ether (ETH) and stablecoins like wrapped USDC and sUSDE, according to EmberCN. The hacker reportedly exploited a vulnerability in Penpie's security, converting most of the stolen assets into ETH and then transferring them to a new Ethereum address, making it difficult to trace. The hack was first brought to light by an X account, Chaofan Shou, affiliated with Fuzzland. The account reported that $17 million had been drained from Penpie, indicating that the protocol was unaware of the breach even after it had begun. This delay in response led to an additional $10 million in losses. The hacker exploited a specific security weakness in Penpie’s system, enabling them to drain funds swiftly and efficiently. Most of the stolen assets were converted into 11,109 ETH, worth approximately $26.95 million. Of this amount, the hacker laundered 1,000 ETH (about $2.42 million) through the crypto mixer Tornado Cash, per DeBank data.

    Penpie and Pendle's Response

    Penpie confirmed the security breach in an X post approximately an hour after the hack began. The protocol immediately paused all deposits and withdrawals to prevent further losses. Pendle, the platform on which Penpie is built, also took action by pausing all contracts as a precautionary measure, safeguarding approximately $105 million that could have been at risk. Pendle confirmed that their funds were secure and that the breach was specific to Penpie, not affecting the Pendle protocol itself. Pendle's team identified the attack and mobilized efforts to protect their ecosystem. They reportedly reached out to security experts at Seal 911 to evaluate the situation and devise strategies to prevent further breaches.

    Penpie's Appeal to the Hacker

    Penpie reached out to the hacker with an offer to negotiate a bounty for the safe return of the stolen funds. Penpie emphasized that they would not pursue legal action if the funds were returned. They also offered the hacker an opportunity to transition into a white-hat role, where their skills would be recognized and rewarded. The protocol stressed the importance of the stolen funds to their community and expressed a willingness to resolve the issue cooperatively.

    As of the latest updates, Penpie’s stolen funds have been partially transferred to Tornado Cash, making recovery efforts more challenging. Penpie has reportedly repositioned their platform’s front-end and is actively working to ensure that users can securely withdraw their remaining funds.

0

Rewards

chest
chest
chest
chest

More rewards

Discover enhanced rewards on our social media.

chest

Other news

Western Union Introduces USDPT Stablecoin to Enhance Digital Payments

chest

Western Union has launched USDPT, a US dollar-backed stablecoin, to enhance digital payments for 130 million people in Bolivia and the Philippines.

user avatarAisha Farooq

Zcash Surges to New High as Institutional Interest Grows

chest

Zcash (ZEC) has surged to a new year-to-date high of 590, driven by significant institutional investment from Multicoin Capital.

user avatarTenzin Dorje

Sabadell Joins European Banking Consortium for Stablecoin Initiative

chest

Spanish bank Sabadell has joined the Qivalis consortium aimed at launching a Europe-pegged stablecoin.

user avatarBayarjavkhlan Ganbaatar

Ripple CEO Highlights Critical Hearing for CLARITY Act's Future

chest

Ripple CEO Brad Garlinghouse emphasizes the importance of the upcoming Senate Banking Committee hearing for the CLARITY Act's progress.

user avatarMohamed Farouk

Bitcoin Holds Steady Above 80,000 as Market Recovery is Tested

chest

Bitcoin's price remains above 80,000, indicating a recovery from March lows, with differing behaviors observed among large holders.

user avatarElias Mukuru

Gerstein Harrow LLP Files Restraining Notice Over Ethereum Linked to Kelp DAO Hack

chest

Gerstein Harrow LLP has filed a restraining notice in a New York district court, claiming legal rights to approximately 30,766 Ethereum frozen after the Kelp DAO hack.

user avatarDiego Alvarez

Important disclaimer: The information presented on the Dapp.Expert portal is intended solely for informational purposes and does not constitute an investment recommendation or a guide to action in the field of cryptocurrencies. The Dapp.Expert team is not responsible for any potential losses or missed profits associated with the use of materials published on the site. Before making investment decisions in cryptocurrencies, we recommend consulting a qualified financial advisor.