Penpie exploited for $27 million in reentrancy attack

The post Penpie exploited for $27 million in reentrancy attack appeared on BitcoinEthereumNews.com.

Yield protocol Penpie got exploited for $27 million on Sept. 3 after a malicious agent explored a vulnerability in the protocol’s smart contracts. Penpie is a yield protocol on Pendle that aims to boost rewards for users on the network. Reentrancy exploited In a Sept. 4 breakdown, blockchain security firm Hacken explained that the attacker used a pool with fake tokens to perform the heist. The exploiter created valueless versions of Pendle’s yield-bearing tokens, Standardized Yield (SY), and tied them to valuable assets. The attacker deployed five malicious contracts to act as legitimate liquidity pools and trick Penpie’s rewards system, but only three of them were used. He then leveraged the fake SY tokens as tickets to claim real yield. Three attack transactions were executed between 6:25 P.M. and 6:42 P.M. UTC. The first transaction extracted the highest amount, siphoning $15.7 million, followed by two other transactions that took $5.6 million each out of Penpie’s contract. The exploiter got away with 695 Restaked Swell ETH (rswETH), 4,101 Kelp Gain (agETH), 2,723 Wrapped Staked ETH (wstETH), and 2.52 million Staked Ethena USD (sUSDe). The remaining two malicious contracts deployed by the exploiter were not used in the attack, which was made possible due to a reentrancy vulnerability in Penpie’s contract. A reentrancy vulnerability occurs when a contract needs to make an external call to another smart contract before updating its own state. Thus, malicious contracts can fool the protocol by changing information and inputting actions. Notably, the losses could have been larger. Pendle identified the malicious transactions and paused its contracts at 6:45 P.M. UTC, three minutes after the third attack. Hacken highlighted: “This was crucial, as the attacker deployed a fourth malicious contract only a minute later. Pausing Pendle’s contracts effectively halted the exploit, preventing further loss.” The whole batch of…

Leave a Reply

Your email address will not be published. Required fields are marked *

Filed under: News - @ September 4, 2024 8:17 pm