Curve omnipool platform Conic Finance hacked for $3.2M in ETH


Conic Finance, a liquidity pool balancing platform for the decentralized finance (DeFi) protocol Curve, has suffered an exploit on the Ethereum omnipool.

Conic Finance has been exploited for $3.26 million in Ether (ETH), the Web3 risk-alert source Beosin Alert reported on July 21. Nearly the entire amount of stolen cryptocurrency was sent to a new Ethereum address in just one transaction, according to data provided by Beosin.

Transactions on the address involving a flashloan exploit on Coin ETH Pool. Source: Etherscan

Conic Finance was quick to confirm the news on Twitter, stating that the platform is currently investigating the exploit and will share updates as soon as they are available.

Related: DeFi protocol Arcadia Finance hacked on Ethereum and Optimism for $455K

According to the initial analysis provided by the blockchain security firm Peckshield, the root cause came from the new CurveLPOracleV2 contract.

“Our audit identifies a similar read-only reentrancy issue. However, the same issue is introduced in the newly introduced CurveLPOracleV2 contract, which was not part of the audit scope,” Peckshield wrote.

This is a developing story, and further information will be added as it becomes available.

Magazine: Hall of Flame: Wolf Of All Streets worries about a world where Bitcoin hits

Articles You May Like

Near Foundation CEO Marieke Flament resigns
Whales Abandon Ship? Ethereum’s Value In Jeopardy As Major Holders Liquidate
Chainlink downplays worries after users notice quiet change to multisig
NFT Collector: William Mapan explains generative art using a crayon and dice
Meta launches metaverse game, Bitcoin Ordinals creator proposes numbering change: Nifty Newsletter