BTC -1.73%
$61,344.92
ETH 0.51%
$3,390.84
SOL 9.19%
$135.73
PEPE 13.31%
$0.000011
SHIB 2.97%
$0.000017
BNB 1.51%
$574.51
DOGE 3.38%
$0.12
XRP 1.56%
$0.47
TG Casino
powered by $TGC

UwU Lend Reacts to $23 Million Hack, Pauses Protocol and Negotiates with Hacker

Hassan Shittu
Last updated: | 3 min read

Uwu Lend, a lending protocol founded by Frog Nation’s former CFO Sifu, suffered a $19.4 million loss due to an oracle manipulation attack.

Cyvers first identified the exploit, revealing a sophisticated series of three transactions executed within six minutes. The attackers converted stolen Wrapped Bitcoin (WBTC) and Dai (DAI) into Ether (ETH) after being funded from Tornado Cash.

UwU Lend Hit by $20 Million Oracle Manipulation Attack, Founder Offers Deal to Hacker

On Monday, June 10, UwU Lend, a decentralized finance (DeFi) protocol, was hacked for nearly $20 million in an ongoing cryptocurrency exploit. The incident was first identified by on-chain security firm Cyvers, which alerted the community with a post on social media platform X:

“Hey @UwU_Lend, you are being attacked! So far, the address got around $14M…”

According to Cyvers, UwU Lend, which functions as a liquidity market allowing users to deposit and borrow digital assets, was attacked through a sophisticated series of transactions. The exploit quickly escalated, surpassing $20 million in stolen funds within an hour of the initial alert.

The attack, funded through the crypto-mixing protocol Tornado Cash, was executed with remarkable speed and precision. The hacker performed three malicious transactions in just six minutes, draining approximately $20 million. Cyvers disclosed that the funding for the attack was received from Tornado Cash two days before the exploit.

According to Peckshield, the root cause was a price oracle issue involving the sUSDe asset, priced based on a median from multiple sources. The attacker manipulated five sources during the hack, causing the exploit.

In response to the attack, UwU Lend swiftly paused its protocol to prevent further losses and set the borrowing and deposit rates to 0% to protect users’ positions. The team issued a statement on their X page, explaining their immediate actions and ongoing investigation:

“We have made an offer to the hacker and are awaiting a response. The protocol will remain paused until the investigation has concluded. Thank you for your patience during this time.”

UwU CEO offer to the hacker Source: Etherscan

Michael Patryn, also known as 0xSifu, the founder of UwU Lend, offered the hacker a deal to return about $16 million in crypto in exchange for dropping potential charges. He stated in an on-chain message:

“We are offering a 20% white hat bounty of any funds taken. You will face no risk of us pursuing this further and no risk of law enforcement issues.”

Post-deadline, the bounty would be offered to anyone who could expose and help bring the exploiter to justice. Meanwhile, another individual sent an on-chain message to the hacker with instructions on how to move the funds without getting caught, adding another layer of complexity to the situation.

The stolen assets, which include significant amounts of WETH, WBTC, bLUSD, crvUSD, sDAI, CRV, DAI, USDT, and sUSDe, are currently parked in two addresses. The total estimated loss stands at approximately $23 million.

Crypto Hackers Poised to Surpass 2023 with Record-Breaking Thefts in 2024


UwU Lend, which operates as a liquidity market allowing users to deposit and borrow digital assets, has assured users that the hack did not affect most deposited assets, including SIFU, VOLTA, FRAX, and several other markets.

UwuLend’s audit by Peckshield had previously characterized the code as “well designed and engineered,” with “no high-severity or critical issues” detected.

Crypto hackers may be on track to surpass 2023 regarding stolen digital assets. In the first quarter of 2024, hackers stole digital assets valued at $542.7 million, a 42% increase compared to the same period in 2023.

The surge in stolen funds can be attributed to the rising valuation of cryptocurrencies, which has increasingly attracted malicious actors since the beginning of 2024. As the value of digital assets climbs, so does the incentive for hackers to exploit vulnerabilities within the crypto ecosystem.