Decentralized finance (DeFi) platform Conic Finance has been targeted by hackers, resulting in a loss of 1,700 Ethereum, currently valued at over $3.2 million. The protocol, which was launched recently in March, confirmed the breach on Friday, stating that an investigation into the root cause of the exploit was in progress.
The team behind Conic Finance later identified the nature of the attack as a “re-entrancy attack” and assured that a fix was being implemented to the compromised contract. They also confirmed that withdrawals were secure and promised a more comprehensive breakdown of the incident in the near future.
Blockchain security firm Beosin reported that the stolen cryptocurrency was all transferred to a single address. Conic Finance, an application that allows users to deposit tokens into its “omnipools” to earn rewards, had its Ethereum omnipool targeted in this attack. The protocol has since disabled deposits to this pool.
DeFi, which aims to replace traditional financial services like borrowing and lending with blockchain technology, is known for its high rewards but also carries significant risks. The experimental nature of these applications often leads to flaws in the code that can be exploited by malicious actors, resulting in substantial financial losses.
According to data from blockchain firm Chainalysis, last year was the “biggest year ever for hacking” in the crypto space, with most attacks occurring in the DeFi sector. In the second quarter of this year alone, DeFi traders lost $228 million, a 63% increase compared to the same period last year.
Immunefi reported that the majority of these losses stemmed from two specific incidents: the June 3 hack of Atomic Wallet and the May 23 exit scam by the now-defunct Fintoch platform. The report also highlighted that BNB Chain and Ethereum were the most targeted, accounting for 77% of all losses in the last quarter, followed by Arbitrum at 12%. The rise in attacks on Arbitrum was particularly notable, given that it had no incidents in the same period last year.