Hassan, a Cryptonews.com journalist with 6+ years of experience in Web3 journalism, brings deep knowledge across Crypto, Web3 Gaming, NFTs, and Play-to-Earn sectors. His work has appeared in...
In a swift and coordinated response, DeFi project Pendle successfully protected approximately $105 million from a potential drain following a significant hack involving Penpie, an independent yield optimizer built on the Pendle ecosystem.
Despite the attacker exploiting Penpie’s protocol, leading to a loss of around $27.3 million, Pendle’s rapid actions to pause its contracts prevented further losses, allowing the platform to resume normal operations quickly.
The attack happened on Tuesday at 17:45 UTC. The attacker deployed a malicious contract funded through Tornado Cash, which interacted with Pendle’s contracts.
Alert: Penpie has encountered a security compromise.
We have paused all deposits and withdrawals. Our team is working tirelessly to address it. Your patience and support are invaluable during this time.
Stay tuned for further updates.
Pendle’s in-house monitoring system promptly detected this suspicious contract, setting off immediate alarms within the team.
By 17:46 UTC, Pendle’s team was on high alert, launching a rapid investigation to determine whether the contract posed a real threat to their platform.
Just minutes later, at 18:23 UTC, the attacker executed the first attack on Penpie, compromising its security.
Penpie, an independent protocol within the Pendle ecosystem, was specifically targeted due to a vulnerability tied to a feature that allowed permissionless listing of Pendle markets.
As the exploit unfolded, Pendle’s team mobilized swiftly to defend both Pendle and the broader ecosystem against any subsequent
Read more on cryptonews.com