Curve Finance Rewards Cybersecurity Researcher $250,000 for Identifying Vulnerability
Crypto News

Curve Finance Rewards Cybersecurity Researcher $250,000 for Identifying Vulnerability

1m
Created 6mo ago, last updated 6mo ago

A pseudonymous cybersecurity researcher known as Marco Croc, affiliated with Kupia Security, has been awarded a substantial sum of $250,000 for identifying a critical vulnerability.

Curve Finance Rewards Cybersecurity Researcher $250,000 for Identifying Vulnerability
A pseudonymous cybersecurity researcher known as Marco Croc, affiliated with Kupia Security, has been awarded a substantial sum of $250,000 for identifying a critical vulnerability that has historically enabled hackers to carry out multimillion-dollar thefts from cryptocurrency protocols.
The vulnerability was found in the decentralized finance (DeFi) protocol Curve Finance, which could be exploited to manipulate balances and withdraw funds from liquidity pools. Curve Finance promptly acknowledged the potential security risks associated with the vulnerability and expressed their understanding of its severity. After conducting a comprehensive investigation, Curve Finance awarded Marco Croc the maximum bug bounty of $250,000 as a token of appreciation for his significant contribution.

Although Curve Finance classified the threat as "not as dangerous," they acknowledged that any kind of security incident, even on a smaller scale, could have resulted in serious panic among users. The protocol stated their belief that they could recover any stolen funds in such an event.

This incident comes on the heels of Curve Finance's recovery from a previous hack in July, which resulted in a loss of $62 million. In an effort to restore normalcy, the DeFi protocol recently conducted a vote to reimburse $49.2 million worth of assets to the liquidity providers (LPs). On-chain data confirms that the disbursement of tokens worth over $49.2 million was approved by 94% of tokenholders to cover the losses incurred in the Curve, JPEG'd, Alchemix, and Metronome pools.

This article contains links to third-party websites or other content for information purposes only (“Third-Party Sites”). The Third-Party Sites are not under the control of CoinMarketCap, and CoinMarketCap is not responsible for the content of any Third-Party Site, including without limitation any link contained in a Third-Party Site, or any changes or updates to a Third-Party Site. CoinMarketCap is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement, approval or recommendation by CoinMarketCap of the site or any association with its operators. This article is intended to be used and must be used for informational purposes only. It is important to do your own research and analysis before making any material decisions related to any of the products or services described. This article is not intended as, and shall not be construed as, financial advice. The views and opinions expressed in this article are the author’s [company’s] own and do not necessarily reflect those of CoinMarketCap.
2 people liked this article