Curve Finance's factory pools have been hit by a reentrancy vulnerability, which allowed attackers to drain funds or exploit the contract's logic. The vulnerability led to significant outflows across various associated pools, resulting in over $26 million being lost. The attacker targeted Curve's factor pools of multiple projects, including JPEGd, Metronome, and Alchemix. The attack involved a sequence of interactions initiated with a flashloan, which appears to exploit the reentrancy vulnerability associated with certain compiler versions of Ethereum smart contract programming language Vyper. Investigations are ongoing, but there are speculations that whitehat hackers could be involved in a rescue operation.
Welcome Back
Click “Sign in” to agree to Cointime’s Terms of Service and acknowledge that Cointime’s Privacy Policy applies to you.
Join CoinTime
Already have an account?
Click “page.Sign up” to agree to Cointime’s <a class="underline" href="#term-of-service">Terms of Service</a> and acknowledge that Cointime’s a class="underline" href="#privacy-policy">Privacy Policy</a> applies to you.
Sign in with email
Sign up with email
Your email
Check your inbox
Click the link we sent to to sign in.
Click the link we sent to to sign up.
Curve Finance Factory Pools Suffer $26 Million Outflow Due to Reentrancy Vulnerability Exploited by Flashloan and MEV Bots
-
Wechat scan to share
Recommended for you
-
Yao Qian, former director of the Science and Technology Supervision Department of the China Securities Regulatory Commission, was expelled from the party and removed from public office for allegedly u
the Discipline Inspection and Supervision Team of the Central Commission for Discipline Inspection and the National Supervision Commission stationed in the China Securities Regulatory Commission and the Supervision Commission of Shantou City, Guangdong Province, recently conducted disciplinary review and supervision investigations into Yao Qian, former director of the Science and Technology Supervision Department of the China Securities Regulatory Commission and former director of the Information Center, for serious violations of discipline and law. -
SlowMist: Will help law enforcement agencies track down the stolen funds from DEXX. Currently, about 2,000 suspicious addresses have been roughly identified.
SlowMist announced on X platform that its team will assist law enforcement agencies in tracking stolen funds and analyzing related clues. A complete list of hacker addresses will soon be released with DEXX. Currently, about 2,000 suspicious addresses have been roughly identified. -
DEXX: If all assets are recovered, full compensation will be given immediately
DEXX, the on-chain trading terminal, has released an update regarding the previous security incident. DEXX has officially filed a lawsuit and the SlowMist team is actively assisting law enforcement in the follow-up investigation. At the same time, DEXX is actively discussing compensation plans. Regarding compensation: -
SlowMist: DEXX incident has identified more than 900 victims, with total losses estimated at $21 million
blockchain security company SlowMist announced that as of November 18th, the DEXX incident report has been updated: more than 1,100 reports of funds being stolen have been received from the community. After removing duplicate reports, it has been confirmed that there are more than 900 victims, with a total estimated loss of $21 million (affected by price fluctuations). Loss details (so far): -
Are we finally ready for a gas limit increase?
There has been growing discussion around the possibility of increasing Ethereum’s gas throughput, either by raising the gas limit or reducing slot time. The key argument in favor of this is that the hardware requirements for running a validator have steadily decreased over the past four years.
-
Cointime August 17th News Express
1.VanEck and 21Shares Solana ETF Form 19b-4 Suspected to be Removed from CBOE Website -
Ethereum network gas fee falls back below 1 gwei
According to Etherscan data, the current Ethereum network gas fee has fallen below 1 gwei, currently at 0.937 gwei. -
Cointime August 10th News Express
1. The U.S. Internal Revenue Service has released a new draft of the crypto tax form, which no longer requires filling in wallet addresses and transaction IDs -
Ethereum ACDC #139: Pectra's Devnet 2 upgrade is under debugging, and the release date of Devnet 3 is still to be determined
Christine Kim, Vice President of Galaxy Research, summarized the main content of the 139th ACDC conference call. The debugging of Pectra's upgraded Devnet 2 is currently underway, and the release date of Devnet 3 is yet to be determined. Developers will hold weekly testing update meetings starting from Monday to better coordinate the release of Pectra's Devnet. The decision to include EIP-7688 in Pectra's upgrade has been postponed again. -
Ethereum network gas fee drops to 1 gwei
According to Etherscan data, the current gas fee on the Ethereum network has dropped to 1 gwei.
Daily Must-Read
-
Uniswap Labs, UNI holders could make $468M a year from new L2: DeFi Report
-
Avalanche Foundation to buy back nearly 2M AVAX sold to Terra in 2022
-
Gold Fever Hits Costco: 77% of Stores Sell Out Amid Soaring Demand for Bullion
-
$500M Bitcoin Buried in Landfill: Man Sues City After Decade-Long Battle for Recovery
-
Former BAYC creative director Jeff Nicholas joins Meta’s Reality Labs
-
Why is Solana's Dogwifhat (WIF) memecoin crashing?
All Comments