DeFi protocol Conic Finance Confirmed It was exploited in a re-entrant attack earlier today, for an undisclosed amount.
A reentrancy attack allows an attacker to drain funds from a vulnerable contract by repeatedly calling the withdrawal function before updating the balance. This attack is commonly used to exploit several DeFi protocols.
Conic Finance said it had initially disabled its Omnipool Ethereum deposit frontend, adding that it has started fixing it. to the contract affected.
“The root cause was a reentrancy attack made possible by an erroneous assumption about what addresses would be returned by the Curve Meta Registry for ETH in the Curve V2 pool.”
curve finance Added Only ETH Omnipool was affected.
According to the company’s website, Conic Finance allows liquidity providers to easily distribute their exposure to multiple Curve pools. Any user can contribute liquidity to her Conic Omnipool, with funds allocated across her Curve in proportion to the protocol-controlled weight of the pool.
Konik Finance did not respond of crypto slate Additional comments are requested at time of publication.
Meanwhile, blockchain security company Decurity said The exploit reportedly resulted in the loss of 1724 ETH worth $3.2 million.
Decurity noted that the exploiter became active yesterday and performed a series of minor hacks before attacking the CNCETH pool today. They also attempted a failed transaction ten minutes before he successfully exploited Conic Finance.
block seconds backed up The report notes that the hacker was classified as a “Lady Pepe Exploiter” by MetaDock.
The exploit has been a relatively busy month for hackers targeting crypto projects.Data from Defilama show More than $100 million in digital assets have been stolen from several protocols, including cross-chain bridge Multichain (MULTI).
An article about Conic Finance losing $3.2 million in a re-entry attack on ETH Omnipool first appeared on CryptoSlate.