Bitget App
Trade smarter
Buy cryptoMarketsTradeFuturesCopyBotsEarn
Pendle Defi Project Protects $105M from Potential Drain After Penpie Hack

Pendle Defi Project Protects $105M from Potential Drain After Penpie Hack

CryptoNewsCryptoNews2024/09/04 23:24
By:Hassan Shittu

Pendle DeFi was able to protect over $105 million from a potential attack in a security breach involving Penpie.

Last updated:
September 4, 2024 11:51 EDT

In a swift and coordinated response, DeFi project Pendle successfully protected approximately $105 million from a potential drain following a significant hack involving Penpie, an independent yield optimizer built on the Pendle ecosystem.

Despite the attacker exploiting Penpie’s protocol, leading to a loss of around $27.3 million, Pendle’s rapid actions to pause its contracts prevented further losses, allowing the platform to resume normal operations quickly.

Pendle Potential Hack: Over $27 Million Lost to The Attack

The attack happened on Tuesday at 17:45 UTC. The attacker deployed a malicious contract funded through Tornado Cash, which interacted with Pendle’s contracts.

Alert: Penpie has encountered a security compromise.

We have paused all deposits and withdrawals. Our team is working tirelessly to address it. Your patience and support are invaluable during this time.

Stay tuned for further updates.

— Penpie (@Penpiexyz_io) September 3, 2024

Pendle’s in-house monitoring system promptly detected this suspicious contract, setting off immediate alarms within the team.

By 17:46 UTC, Pendle’s team was on high alert, launching a rapid investigation to determine whether the contract posed a real threat to their platform.

Just minutes later, at 18:23 UTC, the attacker executed the first attack on Penpie, compromising its security.

Penpie, an independent protocol within the Pendle ecosystem, was specifically targeted due to a vulnerability tied to a feature that allowed permissionless listing of Pendle markets.

As the exploit unfolded, Pendle’s team mobilized swiftly to defend both Pendle and the broader ecosystem against any subsequent attacks.

By 18:34 UTC, they had enlisted the expertise of security firm Seal 911 to assist in evaluating the threat and developing appropriate strategies to prevent further breaches.

At 18:45 UTC, Pendle made the critical decision to pause all of its contracts. This decisive action successfully halted any further exploitation attempts, effectively safeguarding approximately $105 million from being drained.

After a thorough investigation, we can confirm that funds on Pendle remain secure.

However, we have identified a security compromise in @Penpiexyz_io , an independent protocol built on top of Pendle.

As a precaution, we have temporarily paused all contracts, and shall maintain…

— Pendle (@pendle_fi) September 3, 2024

Simultaneously, Pendle proactively communicated with other protocols utilizing Pendle Principal Tokens (PTs) as collateral, alerting them to the contract pause to prevent any unintended consequences, such as liquidations, during the disruption.

The response involved contacting liquid locker protocols like Equilibria and StakeDAO, ensuring that the broader ecosystem was shielded from the same exploit vector.

Restoration Process: PNP Token Dip By More Than 33% Following Penpie Attack

By 18:52 UTC, Pendle’s development team confirmed that the contracts within Pendle’s scope were safe, affirming that the attack was isolated to Penpie due to its specific vulnerability.

Blockchain security firm PeckShield further identified the root cause of the breach.

Today @Penpiexyz_io was exploited, resulting in a loss of $>16M, including $7,879,029.18 wstETH, $2,517,458.57 sUSDe, $3,409,021.04 agETH, $2,226,244.80 rswETH and four other Pendle-related YT tokens.

The root cause is the introduction of an evil market that was used to… pic.twitter.com/PCv8Rb7LdJ

— PeckShield Inc. (@peckshield) September 3, 2024

It revealed that the attacker had introduced an “evil market,” a malicious contract that inflated staking balances on Penpie to fraudulently claim rewards.

Despite Pendle’s quick response, the attacker managed to siphon off approximately $27.3 million worth of assets, which were converted into 11,109 ETH, according to blockchain analytics provider Lookonchain.

Penpie( @Penpiexyz_io ) was exploited for $27.3M, including:

2,695 rswETH($6.62M)
4,101 agETH($10.17M)
2,723 wstETH($7.77M)
2.52M sUSDe($2.77M)

The hacker exchanged all assets for 11,109 $ETH ($27M) and deposited 1000 $ETH ($2.34M) into #TornadoCash . https://t.co/u7SYHRL8UI pic.twitter.com/NUcD3Qrv4X

— Lookonchain (@lookonchain) September 4, 2024

In the following hours, Pendle coordinated closely with all relevant parties to confirm that other platforms within the ecosystem were not at risk.

After rigorous checks and confirmation that Penpie had paused its own contracts and that there were no broader exposures, Pendle safely unpaused its contracts at 00:50 UTC on Wednesday.

All contracts have been unpaused and transactions are now resuming as normal

The breach was contained within Penpie, and funds on Pendle are safe.

The Penpie team is working on a post-mortem report, which will be released soon to provide further details. https://t.co/Z8SIJ70z4B

— Pendle (@pendle_fi) September 4, 2024

The company extended gratitude to various individuals and teams who contributed to the response, emphasizing that the safety and security of the platform remain top priorities.

Despite Pendle’s robust response, Penpie’s impact was significant, with its PNP token plummeting by more than 33% immediately following the incident, as reported by CoinGecko.

Pendle’s native token also faced a decline, dropping around 9% over the following 24 hours.

In the aftermath, Penpie expressed willingness to negotiate with the attacker, proposing a deal that included no legal action, confidentiality of the attacker’s identity, and a bounty reward in exchange for cooperation.

To the hacker: We acknowledge your exploit of our protocol and believe there's potential for a positive resolution that benefits all parties. Penpie is a community-driven project, and these funds mean a lot to our users. We are willing to negotiate a bounty for the safe return of…

— Penpie (@Penpiexyz_io) September 4, 2024

Speculation had it that this might be the work of North Korean hackers because it followed a recent warning from the FBI about the sophisticated attack they targeted on crypto and DeFi companies.

0

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Locked for new tokens.
APR up to 10%. Always on, always get airdrop.
Lock now!

You may also like

What Will Happen in the Bitcoin Price in the Coming Days? Has the Peak Been Reached or Is There Still Room to Rise? Here are the Opinions of the Anal

What kind of price movements will Bitcoin, the world's largest cryptocurrency, experience in the coming days? Here are the opinions.

Bitcoinsistemi2024/11/29 07:00

This Artificial Intelligence Robot Keeps 40.000 Dollars in His Wallet: It Will Send It All To Whoever Convinces It

In the cryptocurrency world, different applications continue to emerge every day. This time, an artificial intelligence robot is on the agenda.

Bitcoinsistemi2024/11/29 07:00

How Much Will Bitcoin Price Be in 2026? Analyst Reveals Prediction on Live Stream

Cryptocurrency analyst Mark Palmer made a statement predicting the Bitcoin price for 2026. Here are the details.

Bitcoinsistemi2024/11/29 07:00