Conic Finance, the decentralized finance (DeFi) protocol, has become the latest target of hackers, who got away with 1,700 Ethereum tokens that are valued at around $3.2 million at the time of writing.
The exploit
On Friday, the protocol tweeted that it was conducting an investigation to find out the root cause of the attack and was also in touch with relevant parties.
According to an update from the DeFi protocol’s team, a ‘re-entrancy attack’ was the root cause and also added that they were deploying a solution to fix the issue.
The team also claimed in a followup said that there had been no issue with withdrawals and they would provide more details in another post soon.
Beosin, a blockchain security company, tweeted that all the crypto that had been stolen by the hackers had been sent to a single address, as they had managed to link it to the transaction.
The DeFi protocol is actually a new app that allows its users to earn rewards by depositing their coins in ‘omnipools’.
The idea is to allow users to use the liquidity pools that Conic offers to diversify their funds across the decentralized exchange called Curve.
The Ethereum omnipool was the target of the hackers and according to Conic Finance, they have now disabled the deposits to the pool.
DeFi space
The DeFi space is no stranger to such attacks and hacks, as this crypto sphere is aimed at using blockchain technology for replacing traditional financial services, such as lending and borrowing.
As these apps are experimental and new, hackers are able to find loopholes that can be exploited. According to Chainalysis, the blockchain data firm, the previous year had been the biggest one in terms of hacks.
It should be noted that the decentralized finance (DeFi) space is where most of these attacks take place. In the second quarter of this year alone, a total of $228 million were stolen from DeFi traders.
As compared to the same quarter in the previous year, this is an increase of about 63%. Immunefi disclosed that there were two specific incidents that were responsible for most of the losses.
The incidents
First off, it was the exit scam that occurred on May 23rd, which had been orchestrated by the Fintoch platform that has now become defunct.
The second incident involved the Atomic Wallet that had been compromised on June 3rd. The company also discovered that as compared to others, there were some chains that were targeted more.
The last quarter saw 77% of the total crypto losses happen on Ethereum and BNB Chain, while 12% of the losses took place on Arbitrum.
The attacks that took place on Arbitrum were worth noting because it had not faced any incidents in the same period in the year earlier.
Considering the losses that occur in the decentralized finance (DeFi) space, it is not surprising that there are attempts at regulating it.
Legislation to regulate the sector is under discussion in the United States, although nothing has been finalized as yet.