According to security specialists at BlockSec, the DeFi protocol Conic Finance was exploited today by a hacker who was able to escape with 1700 Ether (more than $3.2 million).
Conic Finance Hacker Attack Causes Loss of $3.2 Million
A flawed price oracle that Conic relied on was manipulated as a result of the unidentified attacker using a reentrancy vulnerability. According to BlockSec’s director of security services, Matthew Jiang, this allowed them to drain funds.
This kind of attack takes advantage of the capability to call a function several times in a single transaction before the first function call completes. The attacker can take out more money than they are permitted to do so with this approach.
About Hacker Attack
Conic kept its users updated by tweeting that it was looking into an ETH Omnipool exploit. It also promised to publish any new information.
According to on-chain statistics, the hacker completed a flash loan in the incident that occurred today at 6:35 am ET, borrowing 20,000 staked Ether. BlockSec stated that these funds were sent to Conic in order to compromise its price oracle, which is derived from a third-party read-only smart contract, enabling the reentrancy attack.
The flash-loaned stETH was utilized to amplify the profit,
Jiang
Leave a comment