Just-In: Curve Finance Says it Will Refund Affected Users in Post-Hack Update
Based on a recent update, Decentralized Finance (DeFi) stablecoin lending platform Curve Finance has confirmed plans to refund affected users in the recent hack which led to the loss of $62 million from the protocol.
According to Curve Finance, investigations are still ongoing but so far about 79% of the funds have been recovered. Adding that in the meantime, it is focused on “working on measuring the respective shares of each affected user with the goal of proper distribution.”
Quick post-hack update.
While 70% of funds affected by the hack last week are recovered, active investigation with regards to the rest is underway.
In the meantime, we are also working on measuring the respective shares of each affected user with the goal of proper distribution
— Curve Finance (@CurveFinance) August 11, 2023
The Melodramatic Curve Finance Hack
The crypto lender was hacked on July 30 by bad actors who took advantage of certain vulnerabilities in the release history of its Vyper compiler.
Precisely, the perpetrator of the hack focused on versions 0.2.15 to 0.3.0 of the Vyper compiler. It seemed like the hacker knew exactly where the flaws were on Vyper’s past releases. Spotting such vulnerabilities could have only taken a high level of expertise and resources as experts pointed out.
Notably, there have been speculations that the operation was well thought-out before execution. One contributor to Vyper is confident that the plan took the hackers some weeks, if not months to come up with. Some of the impacted pools are CRV/ETH, alETH/ETH, msETH/ETH, and pETH/ETH. It is also believed that the tri-crypto pool on Arbitrum might also be affected.
Sadly, the attack sent shockwaves through the entire DeFi ecosystem. A broad look at the exploit demonstrated the lack of incentivization for uncovering bugs in past software releases as a challenge for the nascent crypto industry.
Hacker Takes Bounty and Initiates Partial Refund
A 10% bounty reward was promised to the hacker who accepted the offer. A few days later, the hacker behind the attack initiated the process of returning the funds.
Etherscan data confirmed that the hacker had performed three separate transactions to the Alchemix Finance developer wallet, transferring a total of 4,821 Ethereum (ETH) worth $8,891,578 at the time. Till now, the hacker has not completed the refund.
The hacker’s choice to return the funds to Alchemix Finance instead of directly to Curve Finance is perceived as a level of discretion or a strategic decision to prevent him from being caught.
- Breaking: U.S. CPI Comes In Lower Than Expectations, Bitcoin Rises
- Bitcoin Crash Incoming? Tom Lee Backs Peter Brandt’s 50% Decline Prediction Despite Strong ETF Inflows
- Breaking: JPMorgan Enables Institutions to Use Bitcoin, Ethereum as Collateral
- Changpeng Zhao Comeback? PolyMarket Set 62% Odds of Binance Return by December Following Trump Pardon
- Matrixport Predicts Market Direction as $6B Bitcoin, Ethereum, XRP Options Expire Today
- SUI Price Prediction as TVL and Monthly DEX Volume Hit All-Time Highs- What’s Next?
- PUMP Price Prediction as Whales Accumulate 4.2B Tokens- Is 135% Rally Next?
- Dogecoin Price Crash Looms as Flag, Death Cross, Falling DOGE ETF Inflows Coincide
- Solana Price Prediction as Osprey’s S-1 Filing and Hong Kong’s ETF Launch Fuel Reversal Hopes- Is $250 Next?
- Ethereum Price Poised for Breakout as Wyckoff Re-Accumulation Meets BlackRock’s $110M Purchase
- BNB Price Prediction as Analysts Eye $1500 Ahead of Fresh Coinbase and Robinhood Listings