Decentralized lending platform Seneca exploited for $6.4M

Decentralized Finance (DeFi) Lending Platform Seneca Protocol Suffers Exploitation, Resulting in $6.4 Million Loss

The popular DeFi lending platform and stablecoin issuer Seneca Protocol has fallen victim to an exploit, according to a recent statement on the protocol’s official X account. As reported by blockchain analytics firm CertiK, the estimated losses from the attack currently stand at $6.4 million.

The Seneca team is urging users to revoke any approvals for the affected contracts. They have also enlisted the help of security specialists to investigate the bug.

Seneca Protocol: A DeFi Lending App Allowing Users to Deposit Cryptocurrencies as Collateral

Seneca Protocol is a DeFi lending app that enables users to deposit a variety of cryptocurrencies as collateral. This collateral can then be used to mint and borrow the protocol’s native stablecoin, SenecaUSD.

Malicious Transfers Made Possible by Flaw in “PerformOperations” Function

According to CertiK’s report, the exploit was made possible by a flaw in the protocol’s “performOperations” function. This allowed the attacker to call the function and specify OPERATION_CALL as the action to be performed, giving them control over the callee and callData. As a result, the attacker was able to drain funds from the collateral pool that they did not own.

Critical Vulnerability in X Crypto App Exploited, Users Warned to Revoke Approvals

Crypto app Reddit investigator Spreek issued a warning about a critical vulnerability in X, urging users to revoke approvals for addresses used in the exploit. According to security researcher ddimitrov22, the Seneca crypto app is also facing a vulnerability that prevents developers from pausing its contracts.

The development team behind X acknowledged the attack and stated that they are currently investigating the issue. They plan to provide an update on the situation shortly.

The threat of hacks and exploits continues to loom over the Web3 community. Just recently, Axie Infinity co-founder Jeff “Jihoz” Zirlin lost $9.7 million from a hack on his personal wallets, while DeFi protocol Blueberry was exploited for 457 ETH on the same day.

As the crypto industry evolves, it is crucial for users to stay vigilant and take precautions to protect their assets. Stay updated on the latest crypto news and updates, and always be cautious when using crypto apps and platforms.

Categorized in:

Tagged in: