Cork Protocol Halts Trading After $12M wstETH Heist Hits Core Pool
TLDR
$12M Exploit Hits Cork Protocol Despite Four Audits
Malicious Contract Drains 3,761 wstETH in Just 17 Minutes
Cork Pauses Trading After Precision DeFi Attack
Top-Backed DeFi Project Breached—Audit Failures Exposed
Cork Protocol Investigates Smart Contract Flaw Post-Hack
Cork Protocol suffered a security breach on May 28, 2025, with $12 million in wstETH lost to a smart contract exploit. The attack targeted the wstETH:weETH trading pair just 16 minutes after a malicious contract went live. Although the platform had completed four audits, the vulnerability remained undiscovered.
Malicious Contract Drains 3,761.87 wstETH from wstETH:weETH Pool
The exploit began when a wallet, previously funded by address 0x4771…762B, deployed a malicious contract at 11:23 UTC. Cyvers analysts confirmed the contract targeted Cork Protocol’s wstETH:weETH market, extracting 3,761.87 wrapped staked ETH. The attacker then converted the assets to regular ETH, but the funds have not moved further.
🚨ALERT🚨Our system has identified a $12M smart contract exploit, with @CorkProtocol potentially the victims.
A malicious contract was deployed on May 28, 2025 at 11:23:19 UTC by an address funded by 0x4771…762B (likely a service provider).
Just 16 minutes and 45 seconds… pic.twitter.com/72ScizbJPZ
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) May 28, 2025
This smart contract executed the exploit within 17 minutes, showcasing high-level precision and planning. The drained assets were immediately swapped using a decentralized exchange. However, no evidence shows the stolen ETH has been redistributed across multiple wallets yet.
The attacker likely used a third-party service or bridge linked to the 0x4771…762B address. That address might belong to a provider used by Cork for bridging or liquidity. This breach highlights how critical integration points can expose systems to complex vulnerabilities.
All Trading Paused While Cork Investigates Exploit Source
The Cork Protocol team acted fast by pausing all markets after the exploit hit the wstETH:weETH pair. As of now, no other Cork markets have experienced similar issues. Their internal investigation is ongoing as they analyze the exploit’s origin and scope.
The platform’s founder confirmed that engineers are assessing the breach and will share updates once more facts are established. Cork is also working closely with auditors, partners, and independent researchers to uncover how the exploit passed unnoticed. The affected smart contract is currently under full review.
Cork launched in March 2025 to offer DeFi users risk exposure to pegged asset fluctuations. It enables speculative trades on price deviations from target values, offering unique market opportunities. However, this exploit now raises serious concerns about protocol resilience.
Backed by Leading Investors, but Audits Fail to Prevent Attack
Despite security checks, including two audit contests, the vulnerability remained undetected. Four total audits had previously cleared Cork’s smart contracts without flagging this flaw. Security researchers now question the depth and effectiveness of these audit processes.
⚠️Cork Protocol hacked, losing around $12 million.
Hackers went after their wrapped staked Ethereum contract, targeting the wstETH:weETH trading pair. Despite four audits, including two contests, the vulnerability went undetected.
Here’s what went down: The hacker set up a bad… https://t.co/EoJdVHF8BT pic.twitter.com/OORNaWFwxp
— VERITAS PROTOCOL (@veritas_web3) May 28, 2025
Cork had received investments from a16z Crypto, OrangeDAO, and Steakhouse Financial. It was part of a16z Crypto’s CSX Fall 2024 accelerator, adding more credibility to its launch. These affiliations had given users confidence in the protocol’s reliability.
The exploit challenges the assumption that audits can prevent complex contract-based threats. Consequently, DeFi users and investors must remain cautious, even with vetted platforms. As investigations continue, the community awaits stronger protection measures and post-mortem insights.
The post Cork Protocol Halts Trading After $12M wstETH Heist Hits Core Pool appeared first on CoinCentral.
Filed under: News - @ May 28, 2025 4:27 pm