In a post-mortem published on Wednesday, the decentralized finance (DeFi) protocol Pendle claimed to have safeguarded around $105 million in funds.
In a post-mortem published on Wednesday, the decentralized finance (DeFi) protocol Pendle claimed to have safeguarded around $105 million in funds that could have been drained following a $27 million hack of the Pendle-based yield optimizer Penpie.
According to the post, the attack on Penpie on Tuesday resulted in the loss of approximately $27.3 million worth of various stolen assets, which were subsequently exchanged for 11,109 ETH.
Blockchain security firm PeckShield attributed the root cause of the exploit to the introduction of an "evil market" - a malicious contract used to inflate the staking balances on Penpie and claim unwarranted rewards.
While the attacker managed to successfully exploit the Penpie protocol, Pendle said its in-house monitoring system promptly detected the suspicious contract, which had been funded from Tornado Cash. However, Pendle was unable to prevent the initial attack.
Pendle claimed that thanks to coordinated efforts from multiple parties, further breaches were mitigated, and Pendle contracts have now been unpaused, with normal operations resuming. The project reassured users that funds on the Pendle platform remain safe and unaffected.
The incident has had a significant impact on the prices of the affected tokens. Penpie's PNP token fell more than 33% immediately following the hack, while Pendle's native token is down around 9% over the past 24 hours.
Penpie, which remains stopped, afterward said it was willing to arrange with the programmer and advertised no legitimate activity to be sought after, the attacker's personality to stay secret, and a rate of the stores as a bounty to compensate in trade for the hacker's participation.
This article contains links to third-party websites or other content for information purposes only (“Third-Party Sites”). The Third-Party Sites are not under the control of CoinMarketCap, and CoinMarketCap is not responsible for the content of any Third-Party Site, including without limitation any link contained in a Third-Party Site, or any changes or updates to a Third-Party Site. CoinMarketCap is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement, approval or recommendation by CoinMarketCap of the site or any association with its operators.
This article is intended to be used and must be used for informational purposes only. It is important to do your own research and analysis before making any material decisions related to any of the products or services described. This article is not intended as, and shall not be construed as, financial advice.
The views and opinions expressed in this article are the author’s [company’s] own and do not necessarily reflect those of CoinMarketCap.
