White Hat Hacker Recovers $5.4 Million For DeFi Platform Curve Finance Amid Recent Exploit

Author

David Pokima

Author

David Pokima

About Author

David is a finance journalist and a contributor to Cryptonews.com with a keen interest in breaking comprehensive, accurate, and reliable blockchain news.

Author Profile

Share

Copied

Last updated:

October 23, 2023 05:37 EDT

Why Trust Cryptonews

Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews

An ethical hacker has recovered 2,879 ETH worth around $5.4 million for the decentralized finance (DeFi) protocol Curve Finance amid its recent hack losing over $47 million. 

On July 30, the same day of the hack, it was reported that an ethical hacker seized some assets by front-running the original hackers’ malicious transactions.

A maximal value bot “c0ffeebabe.eth” sent the recovered assets to Curve’s deployers address with users hailing the move. However, most crypto enthusiasts suggest that it will take a long time to recover from the damage. 

#PeckShieldAlert c0ffeebabe.eth has returned 2,879 $ETH (~$5.4m) to #Curve deployer https://t.co/33BJLaq12A pic.twitter.com/2Jq0JOsrhV

— PeckShieldAlert (@PeckShieldAlert) July 31, 2023

While good news comes from one end, bad news still trickles in as bad actors target victims of the hack with a new fraudulent scheme.  

Several accounts have been recorded both impersonating Curve Finance and victims of the hack putting together fake refunds targeted at users who lost their assets. 

Since the incident occurred, Curve Finance has not made an official release concerning a potential fund rendering all associated postings so far, false. 

Despite the return of $5.4 million worth of tokens, the attack destabilized markets with Curve’s CRV token taking the biggest hit. CRV has plunged over 17% in the past 24 hours to trade at $0.61.

A larger disaster looms as the total asset locked on the protocol took a nosedive from over $3 billion on Sunday to $1.7 billion at press time as multiple investors withdrew their assets in fear. 

Most DeFi tokens remain down following the last bear market with observers predicting a high impact following related hacks in previous months.

A $47 Million Hack: What’s Next? 

Curve, a stablecoin exchange based on Ethereum, announced that it has been the victim of a hack leading to initial losses of $47 million. 

The main reason for the exploit has been attributed to a retrancy bug in the Vyper programming language leading to the drain in multiple pools on the platform by the hacker. 

“As a result of an issue in Vyper compiler in versions 0.2.15-0.3.0, the following pools were hacked: crv/eth, aleth/eth, mseth/eth, peth/eth.”

While Curve operates several pools, only pools powered by the Vyper versions 0.2.15, 0.2.16, and 0.3.0 were affected by the incident, per a team member, Mimaklas on Discord. 

A number of stablepools (alETH/msETH/pETH) using Vyper 0.2.15 have been exploited as a result of a malfunctioning reentrancy lock. We are assessing the situation and will update the community as things develop.

Other pools are safe. https://t.co/eWy2d3cDDj

— Curve Finance (@CurveFinance) July 30, 2023

“all affected pools have been drained or white hacked, and the team is assessing the situation with affected teams,” he added. 

Retrancy is a bug deployed by bad actors to make repeated calls to a network to steal assets by accessing user wallets.