Advertising revenue keep this site going. We do not actively endorse ads served to us.
DYOR. Please use your due diligence while on this site.
We also do not get information from our visitors.
cryptocurrency July 21, 2023

Share this article

DeFi protocol Conic Finance reported a loss of 1700 ETH, valued at over $3.2 million. Blockchain security firm BlockSec has traced this incident to an unidentified hacker exploiting a reentrancy vulnerability early this morning.

Conic promptly alerted its user base via Twitter, confirming the exploit involving the ETH Omnipool, launched July 10, and only affecting ETH pools.

Conic Finance, known for allocating funds through the Curve decentralized exchange using liquidity pools, fell foul of a two-pronged attack involving the vulnerability and manipulation of a price oracle.

Advertisements

In this case, the attacker took out a flash loan of 20,000 staked ETH, redirecting it towards Conic’s price oracle, facilitating the exploit. The vulnerability was used in conjunction with a manipulation of Conic’s price oracle, which obtains its data from a third-party read-only smart contract.

In a tweet, Conic updated its community: “Update: – We are continuing to investigate the root cause of the exploit and are consulting with relevant parties. – We have disabled ETH Omnipool deposits on the Conic front end.”

Share this article