Conic Finance DeFi protocol loses $3,2 million in an attack
The attacker conducted a flash loan attack by exploiting vulnerabilities in the protocol.
21.07.2023 - 15:30
1644
2 min
0
DeFi protocol Conic Finance suffered an exploit today by a hacker who managed to make off with 1700 ether (over $3.2 million), according to security analysts at BlockSec. Conic is a DeFi protocol designed to allocate funds across the Curve decentralized exchange using the liquidity pools it operates.
The unidentified attacker exploited a reentrancy vulnerability, which subsequently allowed the manipulation of a faulty price oracle that Conic relied on. This enabled them to drain funds, said Matthew Jiang, the director of security services at BlockSec, in an interview with The Block.
Such an attack leverages the ability to repeatedly call a function within a single transaction before the initial function call completes. This mechanism lets the attacker withdraw more funds than they’re entitled to.
In the incident around 6:35 am ET today, the hacker executed a flash loan, borrowing 20,000 staked ether, as evidenced by on-chain data. These funds were routed to Conic so its price oracle, which is sourced from a third-party “read-only” smart contract, could be tampered with — facilitating the reentrancy attack — BlockSec explained. “The flash-loaned stETH was utilized to amplify the profit,” Jiang said.
Keeping its community informed, Conic announced in a Twitter post that the team was “investigating an exploit involving the ETH Omnipool” and promised to share further updates.
After what appears to be a second attack, Curve Finance urged users to remove all funds from Conic Finance Friday afternoon. Conic later shut down all deposits across omnipools.
"Users are still able to withdraw," Conic Finance wrote on Twitter. "We are assessing the situation and will provide updates as soon as we have them."
This material is taken from the website https://www.theblock.co.
Useful material?
Telegram 
Twitter Market
The company’s unrealized profits from investing in its first cryptocurrency approached $14 billion
Nov 19, 2024
Incidents
The search, the reason for which was not announced, took place a week after the election, the results of which Polymarket users predicted quite accurately
Nov 14, 2024
Market
Analysts point to the growing popularity of the first cryptocurrency as a safe haven asset
Nov 13, 2024
Market
The product will begin trading on the Swiss Exchange on November 19
Nov 12, 2024
Market
The company’s unrealized profits from investing in the first cryptocurrency approached $13 billion
Nov 12, 2024
Market
The company predicts that the rate of the first cryptocurrency will grow to $200 000 by the end of next year
Nov 11, 2024
Cryptocurrency rates
-
Bitcoin
$98 737
BTC
+1%
-
Ethereum
$3 339.28
ETH
+4.03%
-
BNB Smart Chain
$579.4
BSC
+1.23%
-
Ripple
$1.48
XRP
+33.05%
-
Dogecoin
$0.393556
DOGE
+2.26%
-
Cardano
$0.909555
ADA
+15.24%
-
Bitcoin Cash
$489.49
BCH
-4.71%
-
Stellar XLM
$0.300715
XLM
+26.95%
-
Polkadot
$6.17
DOT
+6.38%
-
Litecoin
$91.52
LTC
+1.63%