Pike Finance clarifies ‘USDC vulnerability’ statement on $1.6M exploit

cyptouser7 months agoCryptocurrencies News159
55966e89>

The decentralized finance (DeFi) protocol Pike has clarified its previous statement regarding a vulnerability found in USDC Coin (USDC). The clarification comes after the platform experienced a $1.6 million exploit on April 30.

On May 1, Pike published an announcement saying that the exploit was related to a vulnerability on USDC and that USDC’s product offerings had nothing to do with the security lapse that the network suffered.

“This exploit is related to the initial USDC vulnerability that was reported last week on the 26th of April.”

However, the DeFi protocol quickly retracted the statement, explaining that the phrase they used did not accurately describe the exploit that transpired.

Source: Pike Finance

Pike highlighted that the exploit was caused by lapses in its security measures in its contract functions when handling transfers with the Cross-Chain Transfer Protocol (CCTP), a service provided by USDC-issuer Circle.

Pike clarified that the root cause of the exploit is unrelated to the functionality of Circle’s product offerings.

In a previous announcement, Pike Finance said that its auditing partner had already discovered the vulnerability that caused the first hack on April 26, but their team could not address it. They wrote:

“It is important to clarify that this vulnerability was previously identified by our auditing partner, OtterSec. Our developer team was unable to address the identified vulnerability in a timely manner.”

Pike noted that the exploit resulted from their team’s “improper integration” of third-party technologies like the CCTP or Gelato Network’s automation services.

The initial attack led to the theft of $300,000 worth of digital assets.

Related: April sees $25M in exploits and scams, marking historic low ― CertiK

On April 30, an attacker used a vulnerability in the protocol’s smart contract to drain about $1.68 million across Ethereum, Arbitrum and Optimism. In total, the attacker took $1.4 million in Ether (ETH), $150,000 in Optimism (OP) and about $100,000 in Arbitrum (ARB) tokens.

Pike recognized that both attacks were due to the same smart contract vulnerability. The protocol said that the misalignment in the contract eventually allowed the attackers to bypass admin access and withdraw funds.

Even though hacks still plague the crypto space, data shows that losses in crypto-related hacks showed a sharp decline in April compared to February and March.

On May 1, PeckShield reported that losses from hacks in April dropped to $60 million, a steep jump from February’s $360.8 million and March’s $187.6 million.

Magazine: Web3 gaming won’t exist in 5 years, $656K for best crypto game pitch: Web3 Gamer

The content on this website comes from the Internet. Due to the inconvenience of proofreading the authenticity and accuracy of the copyright or content of some content, it may be temporarily impossible to confirm the authenticity and accuracy of the copyright or content. For copyright issues or other issues caused by this, please Call or email this site. It will be deleted or changed immediately after verification.

related articles

Argentina legalizes Bitcoin for contract settlements

Argentina’s new government has officially legalized the use of Bitcoin and other cryptocurrenc...

Super Sushi Samurai token plunges 99% due to double spending glitch

25cc9d4a˃GameFi project Super Sushi Samurai (SSS), built on Coinbase’s Base layer-2 blockchain and t...

Investor shares story of falling victim to $100K crypto hack

Investor shares story of falling victim to $100K crypto hack

55966e89˃Although theoretically, one can protect themselves from malicious actors in the crypto spac...

Price analysis 3/22: BTC, ETH, BNB, SOL, XRP, ADA, DOGE, AVAX, SHIB, TON

Price analysis 3/22: BTC, ETH, BNB, SOL, XRP, ADA, DOGE, AVAX, SHIB, TON

25cc9d4a˃Bitcoin’s (BTC) failure to build upon its solid comeback on March 20 shows that bears are s...

Is Bitcoin's on-chain bull run momentum over? Indicator flashes red

Is Bitcoin's on-chain bull run momentum over? Indicator flashes red

1205f261˃Bitcoin (BTC) OGs appear to be gearing up to cash in on their gains ahead of the Bitcoin ha...

BitGo’s $100M suit against Galaxy can proceed — Delaware Supreme Court

BitGo’s $100M suit against Galaxy can proceed — Delaware Supreme Court

55966e89˃Delaware’s Supreme Court has reversed a ruling from a lower court that dismissed a $100 mil...