Conic Finance hacked for $3.2 million in ETH, best source for crypto and web 3.0 cryptocurrency.
Curve omnipool platform Conic Finance hacked for $3.2 million in ETH

Exploit of Conic Finance on Ethereum Omnipool

The decentralized finance (DeFi) protocol Curve’s liquidity pool balancing platform, Conic Finance, has suffered an exploit on the Ethereum omnipool, according to Beosin Alert, a Web3 risk-alert source. Data provided by Beosin reveals that a single transaction sent nearly the entire amount of stolen cryptocurrency, which was $3.26 million in Ether (ETH), to a new Ethereum address.

Conic Finance quickly acknowledged the news on Twitter, saying that it is currently investigating the exploit and will provide updates as soon as they are available. Peckshield, a blockchain security firm, has conducted an initial analysis and determined that the root cause came from the new CurveLPOracleV2 contract.

As Peckshield noted in their audit, a read-only reentrancy issue is present in the CurveLPOracleV2 contract, which was not part of the initial audit scope. This issue is similar to what was identified in their audit.

Categorized in:

Tagged in: