The decentralized finance (DeFi) protocol Penpie, built on the Pendle yield platform, was exploited on Wednesday, resulting in a loss of about $27 million in crypto assets, according to blockchain data.
The attacker stole various tokens, including staked Ethereum (ETH), Ethena’s sUSDE, and wrapped USDC. The funds were later converted to ETH using the Li.Fi protocol and moved to a new address.
$27 Million Stolen in Penpie Hack
Blockchain security firm Cyvers reported the incident, detecting suspicious activity involving Penpie’s contract. Based on the report, the address funded by a crypto mixing service has executed a malicious transaction and got around $27 million worth of digital assets.
Indeed, Etherscan data shows that the exploiter’s address received an initial deposit of 10 ETH, worth around $25,000, via Tornado Cash just hours before the exploit. This transaction helped conceal the identity of the attacker.
Read more: Crypto Project Security: A Guide to Early Threat Detection
Pendle confirmed a breach in Penpie’s system but reassured its users that their funds on Pendle remain safe. However, the company temporarily halted all contracts as a safety measure while working closely with the Penpie team to assess the damage.
“Pendle has confirmed that its funds are secure after an investigation. However, a security issue has been found in Penpiexyz, a separate protocol built on Pendle. To address this, all contracts have been paused temporarily, and Pendle is working closely with the Penpie team to resolve the issue quickly!” Cyvers added shortly.
The attack caused Penpie’s native token (PNP) to plummet by 40%, BeInCrypto data shows. Pendle’s token (PENDLE) also saw an 8% drop, outpacing losses in the broader crypto market.
The Penpie exploit is just one example of the growing wave of crypto hacks in 2024. A recent report by Immunefi states that hackers have stolen over $1.2 billion across 154 incidents this year, exposing the widespread vulnerabilities within DeFi protocols and other crypto platforms.
In August 2024 alone, crypto hacks resulted in over $313 million in losses, according to security firm PeckShield. The two largest incidents that month accounted for the theft of $238 million in Bitcoin and $55 million in DAI.
Read more: Top 9 Safest Crypto Exchanges in 2024
Phishing attacks have also surged, with a report from Scam Sniffer showing a 215% rise in financial losses in August. While fewer attacks occurred compared to July, the amount of stolen funds spiked, with one phishing scheme netting $55 million.
Trusted
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.
