Odaily Daily News reported that Penpie released a report on the Hacker attack, with a total of approximately 27.34 million US dollars worth of 11,113.6 ETH stolen. The attacker exploited a security vulnerability on the Penpie platform by manipulating a fake Pendle market to maximize rewards. The vulnerability was located in the batchHarvestMarketRewards() function of the PendleStakingBaseUpg contract. The attacker manipulated the reward tokens and their quantities by repeatedly adding new deposits from Flash Loans through reentering the depositMarket() function. The Penpie team responded quickly, suspending deposit and withdrawal functions and cooperating with multiple security agencies to track the stolen funds.
Actualmente, el frontend de Penpie ha sido restaurado, y el equipo está colaborando con las autoridades para identificar y capturar a los atacantes. Además, el equipo de Penpie está desarrollando un plan de compensación para resolver justamente los problemas de pérdida de los usuarios afectados.
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
Penpie publica informe de análisis de incidentes de ataque de Hacker: elaborando un plan de compensación
Odaily Daily News reported that Penpie released a report on the Hacker attack, with a total of approximately 27.34 million US dollars worth of 11,113.6 ETH stolen. The attacker exploited a security vulnerability on the Penpie platform by manipulating a fake Pendle market to maximize rewards. The vulnerability was located in the batchHarvestMarketRewards() function of the PendleStakingBaseUpg contract. The attacker manipulated the reward tokens and their quantities by repeatedly adding new deposits from Flash Loans through reentering the depositMarket() function. The Penpie team responded quickly, suspending deposit and withdrawal functions and cooperating with multiple security agencies to track the stolen funds. Actualmente, el frontend de Penpie ha sido restaurado, y el equipo está colaborando con las autoridades para identificar y capturar a los atacantes. Además, el equipo de Penpie está desarrollando un plan de compensación para resolver justamente los problemas de pérdida de los usuarios afectados.