{"id":16662,"date":"2024-09-04T10:21:09","date_gmt":"2024-09-04T07:21:09","guid":{"rendered":"https:\/\/forklog.com\/en\/penpie-defi-protocol-suffers-27-million-exploit\/"},"modified":"2024-09-04T10:21:09","modified_gmt":"2024-09-04T07:21:09","slug":"penpie-defi-protocol-suffers-27-million-exploit","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/penpie-defi-protocol-suffers-27-million-exploit\/","title":{"rendered":"Penpie DeFi Protocol Suffers $27 Million Exploit"},"content":{"rendered":"<p>On September 3rd, a hacker targeted the DeFi protocol Penpie, extracting digital assets worth over $27.3 million, according to experts from PeckShield.<\/p>\n<blockquote class=\"twitter-tweet\" data-conversation=\"none\" data-lang=\"en\">\n<p lang=\"en\" dir=\"ltr\">The loss is >$27M if we take into account the stolen YT tokens and possibly loss from other chain. <a href=\"https:\/\/t.co\/5bdhjf2WIH\">https:\/\/t.co\/5bdhjf2WIH<\/a><\/p>\n<p>\u2014 PeckShield Inc. (@peckshield) <a href=\"https:\/\/twitter.com\/peckshield\/status\/1831079272364245478?ref_src=twsrc%5Etfw\">September 3, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cThe root cause was the introduction of a malicious market, which was used to inflate the staking balance to gain undue rewards,\u201d explained the experts.<\/p>\n<\/blockquote>\n<p>The Penpie team stated that their internal monitoring system detected a suspicious contract funded from the Tornado Cash mixer. Developers halted deposits and withdrawals, as well as the operation of all markets on the platform.<\/p>\n<p>They noted that timely actions helped protect approximately $105 million, which the hacker could have potentially extracted from Penpie.<\/p>\n<p>The team confirmed that the perpetrator exploited a protocol feature allowing unrestricted market placements.<\/p>\n<blockquote class=\"twitter-tweet\" data-lang=\"en\">\n<p lang=\"en\" dir=\"ltr\">Post Mortem<\/p>\n<p>Earlier today, a security breach targeting Penpie led to some loss of funds. In response, Pendle promptly paused our contracts, effectively safeguarding ~$105M that could have been further drained from Penpie.<\/p>\n<p>Thanks to coordinated efforts from multiple parties,\u2026 <a href=\"https:\/\/t.co\/KJd4SIRxPK\">https:\/\/t.co\/KJd4SIRxPK<\/a><\/p>\n<p>\u2014 Pendle (@pendle_fi) <a href=\"https:\/\/twitter.com\/pendle_fi\/status\/1831168623634993402?ref_src=twsrc%5Etfw\">September 4, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>At the time of writing, the platform has resumed normal operations. Penpie has offered the hacker a chance to become a &#8220;white hat&#8221; by returning the funds for a reward. In return, they promised confidentiality and no legal action.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cWe hope you see the value in resolving this matter peacefully. Please contact us to discuss the details,\u201d the developers wrote.<\/p>\n<\/blockquote>\n<div class=\"wp-block-text-wrappers-update-2 article_update\"><time class=\"gtb_text-wrappers_update_time\">September 4, 2024 | 18:09<\/time><span class=\"gtb_text-wrappers_update_head\">Update: <\/span><\/p>\n<p>PeckShield experts recorded the hacker transferring at least approximately 3000 ETH (~$7.32 million) to Tornado Cash for laundering.<\/p>\n<blockquote class=\"twitter-tweet\" data-lang=\"en\">\n<p lang=\"en\" dir=\"ltr\"><a href=\"https:\/\/twitter.com\/hashtag\/PeckShieldAlert?src=hash&#038;ref_src=twsrc%5Etfw\">#PeckShieldAlert<\/a> <a href=\"https:\/\/twitter.com\/Penpiexyz_io?ref_src=twsrc%5Etfw\">@Penpiexyz_io<\/a> exploiter-labeled address 0x2f2d\u20261C39 (Balance: 7.1K <a href=\"https:\/\/twitter.com\/search?q=%24ETH&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$ETH<\/a>) has moved 1K <a href=\"https:\/\/twitter.com\/search?q=%24ETH&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$ETH<\/a> (worth ~$2.4M) to the related laundering address 0xD440\u20266cC3 (Laundering)<br \/>The laundering address 0xD440\u20266cC3 has transferred another 100 <a href=\"https:\/\/twitter.com\/search?q=%24ETH&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$ETH<\/a> to <a href=\"https:\/\/twitter.com\/hashtag\/TornadoCash?src=hash&#038;ref_src=twsrc%5Etfw\">#TornadoCash<\/a> <a href=\"https:\/\/t.co\/MW8RUPKrim\">pic.twitter.com\/MW8RUPKrim<\/a><\/p>\n<p>\u2014 PeckShieldAlert (@PeckShieldAlert) <a href=\"https:\/\/twitter.com\/PeckShieldAlert\/status\/1831253958314332335?ref_src=twsrc%5Etfw\">September 4, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div>\n<p>The price of the Penpie token (PNP) reacted to the incident by plummeting from $1.33 to $0.89. Prices have since recovered to around $0.98, marking a 34.2% loss over the day (<a href=\"https:\/\/www.coingecko.com\/en\/coins\/penpie\">CoinGecko<\/a>).<\/p>\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" src=\"https:\/\/u1f987.com\/wp-content\/uploads\/Penpie-Price-PNP-Live-Price-Chart-Market-Cap-News-Today-CoinGecko-Google-Chrome.webp\" alt=\"Penpie-Price-PNP-Live-Price-Chart-Market-Cap-News-Today-CoinGecko-Google-Chrome\" class=\"wp-image-240373\"\/><figcaption class=\"wp-element-caption\">Data: CoinGecko.<\/figcaption><\/figure>\n<p>The coin&#8217;s market capitalization stands at ~$5.15 million.<\/p>\n<p>According to <a href=\"https:\/\/defillama.com\/protocol\/pendle#information\">DeFi Llama<\/a>, the value locked in Penpie&#8217;s smart contracts is $90.44 million. At its peak in July, this figure exceeded $386 million.<\/p>\n<p>In August, hackers stole digital assets worth $313.86 million in over 10 attacks, as calculated by PeckShield.<\/p>\n<p><em>Update (September 4, 2024, 11:20 Kyiv\/Moscow): corrected the mistakenly mentioned project name Pendle.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>On September 3rd, a hacker targeted the DeFi protocol Penpie, extracting digital assets worth over $27.3 million, according to experts from PeckShield. The loss is >$27M if we take into account the stolen YT tokens and possibly loss from other chain. https:\/\/t.co\/5bdhjf2WIH \u2014 PeckShield Inc. (@peckshield) September 3, 2024 \u201cThe root cause was the introduction [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":16661,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[44,1093],"class_list":["post-16662","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybercrime","tag-defi"],"aioseo_notices":[],"amp_enabled":true,"views":"18","promo_type":"","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/16662","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=16662"}],"version-history":[{"count":0,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/16662\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/16661"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=16662"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=16662"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=16662"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}