DeFi Protocol Zunami Loses Over $2.1 Million in a Major Price Manipulation Attack

Ad Disclosure
Ad Disclosure

We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. However, this potential compensation never influences our analysis, opinions, or reviews. Our editorial content is created independently of our marketing partnerships, and our ratings are based solely on our established evaluation criteria. Read More
Last updated:
Ad Disclosure
Ad Disclosure

We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. However, this potential compensation never influences our analysis, opinions, or reviews. Our editorial content is created independently of our marketing partnerships, and our ratings are based solely on our established evaluation criteria. Read More
Author
Sujha Sundararajan
Author Categories
About Author

Sujha has been recognised as 🟣 Women In Crypto 2024 🟣 by BeInCrypto for her leadership in crypto journalism.

Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews
Ad DisclosureWe believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. Read more
Source: Pixabay

Decentralized Finance (DeFi) platform Zunami Protocol has confirmed a price manipulation attack on its “zStables” stablecoin pools on Curve Finance, causing potential losses of over $2.1 million.

The attack is the latest among the list of protocols affected by the recent vulnerability in the popular DeFi platform Curve Finance, which drained funds from a number of the protocol’s liquidity pools, exposing $100+ million worth of cryptocurrencies.

The hacker in the Zunami Protocol’s exploit apparently took flash loan from balancer, blockchain security firm Ironblocks noted. The attacker, then added liquidity to change the price massively and started trading in Zunami’s exchange.

Ironblocks wrote in a Tweet that the liquidity was later removed, which changed the price and finally traded back and returned the flash loan to get 1,1152 ETH.

Fellow blockchain security platform PeckShield was quick to report the attack on Twitter, which immediately notified Zunami Protocol to take “necessary actions.”

The attack netted the bad actor more than $2.1 million, carried out via price manipulation, “which can be exploited by donation to incorrectly calculate the price,” PeckShield wrote in a Tweet.

PeckShield also noted that the stolen funds were sent to coin mixer Tornado Cash, which obscures the transaction path. This further complicates the efforts to track and recover the stolen funds.

Curve Finance platform is still struggling to recover millions of dollars lost in an exploit and recently announced a bounty of $1.85 million to anyone who can identify the attacker.

Zunami Warns Users to Refrain From Buying Stablecoins

Following PeckShield’s warning, Zunami confirmed the attack and said that the “collateral remain secure.” The protocol instructed its users to refrain from buying either of the affected tokens – Zunami Ether (zETH) or Zunami USD (UZD) stablecoins – warning that the exploit is still being fixed.

Soon after the confirmation of attack from Zunami, both the affected tokens plummeted sharply. UZD dropped 99% to nearly $0, losing its peg, while zETH fell by 89% to a low of $206. UZD is currently trading at $0.0118 at press time, according to CoinGecko.

Zunami Protocol, a yield farming aggregator for stablecoin staking, has been promising the highest Annual Percentage Yield (APY) as a decentralized autonomous organization (DAO), with $5 million in Total Value Locked, according to its website.

Zunami also promised users to diversify their stablecoin portfolio while avoiding any crashing risk. The price manipulation risk, however, has put a massive dent in Zunami’s reputation.

SlowMist Reportedly Warned Zunami

Xian Yu, founder of blockchain security platform SlowMist, said that their firm had identified the attack nearly two months before. The Zunami Protocol apparently received warnings from SlowMist, albeit unnoticed until the breach.

Yu said that despite repeated warnings sent to the Protocol, “it was an unpleasant communication.”

The decentralized nature of the DeFi ecosystem makes it a lucrative target for attackers, stressing on the importance of high security measures and timey actions on such vulnerabilities.

More Articles

Podcast
Gregg Bell, SVP of HBAR Foundation, on Hedera, Creating New Investment Vehicles, Tokenization, and Creating the Trust Layer of the Internet | Ep. 408
2025-02-07 10:48:44
Ethereum News
Ether Outflows from Derivatives Exchanges Hit Highest Level Since August 2023, Signaling Bullish Trend
Ruholamin Haqshanas
Ruholamin Haqshanas
2025-02-07 08:51:10
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors