Penpie Protocol Got exploited : Lost $27 Millions in Funds

2 months ago 41

The post Penpie Protocol Got exploited : Lost $27 Millions in Funds appeared first on Coinpedia Fintech News

Penpei, a protocol built on Pendle, got hacked on September 3 losing $27 Million. This year has brought a whole another level of crypto hacks. Looking at the crypto hacks, it is evident that crypto hackers have become more active this year. Just 8 months into this year and crypto has already lost $1.2 billion to hacks and exploits. Let’s explore the recent hack on Penpie.

The Hack

Around 9 hours ago, an X account Chaofan Shou, affiliated with Fuzzland made a post with an initial information of Penpei protocol getting drained. In its post, the account stated that $17 Million has been hacked, that means even after a user found and posted about the hack, the protocol was not aware of it. This resulted in loss of another $10 million in funds. The lost funds include Ether and stable coins such as USDC and sUSDE. The X account also reported this incident to etherscan, marking a red flag on the address.

Seems like @Penpiexyz_io got hacked. $17M loss.
https://t.co/ReiZla7rMt pic.twitter.com/EG4EXHGPQg

— Chaofan Shou (@shoucccc) September 3, 2024

Crisis Management

Penpie made an X post almost an hour later after the exploit was already happening. They informed the community that it has encountered a security breach hence, deposits and withdrawals are paused. Pendle on the other hand told the community that funds on Pendle are secured and they have temporarily paused all the contracts.

Alert: Penpie has encountered a security compromise.

We have paused all deposits and withdrawals. Our team is working tirelessly to address it. Your patience and support are invaluable during this time.

Stay tuned for further updates.

— Penpie (@Penpiexyz_io) September 3, 2024

Penpie kept sharing details of steps they have been taking every hour through X post. Just an hour ago, Pendle shared the timeline of events and the actions they have taken since their monitoring system detected the exploit. According to their report, with a prompt reaction, they were able to safeguard around $105 Million worth of assets from getting drained.

Etherscan data showing hacked funds of Penpie protocol

Negotiation With Attacker : Bounty Proposed

Penpie in their recent X post have shared a message for the exploiter requesting to return the funds. They said that they are ready for a negotiation and provide a certain percent of the stolen funds as bounty. They also offered the hacker that they will not take any legal action if the funds are returned as Penpie is a community driven protocol. This is an offer for the hacker to turn into a white hat and get rewarded for his skills.

To the hacker: We acknowledge your exploit of our protocol and believe there's potential for a positive resolution that benefits all parties. Penpie is a community-driven project, and these funds mean a lot to our users. We are willing to negotiate a bounty for the safe return of…

— Penpie (@Penpiexyz_io) September 4, 2024

Looking ahead

The year 2024 has witnessed a huge number of crypto hacks. There is a rise of 15.5% in crypto thefts as compared to last year. The FBI issued a public announcement yesterday to alert the crypto ecosystem about the North Korean hackers as they are performing highly tailored social engineering attacks on crypto projects. All these exploits and hacks highlight the need of cutting edge security systems for crypto projects.

Read Entire Article