Cyberattack on CURVE finance protocol

The attack, which was brutal and targeted the Curve decentralized finance protocol, has been underway since July 30 and is said to have already resulted in the theft of over $50 million. It is believed to be the result of a flaw in the programming language for smart contracts on the Ethereum Vyper blockchain, used by the decentralized trading platform (DEX). Several of Curve’s liquidity pools, denominated in various cryptocurrencies, are said to have fallen victim to the attack.

These liquidity pools are used by depositors to earn a return, and by traders for their trades.

According to a Vyper developer, the hackers certainly “took weeks, if not months” to find the vulnerability in Vyper.

According to reports in the trade press, some of the funds drained correspond to “white hats” hackers (ethical hackers, cybersecurity experts…), which would mean that they are not lost.

The program, Curve, manages around $3 billion in liquidity, making it one of the leading protocols in decentralized finance. It specializes in stablecoin swaps.

According to Chainalysis, DeFi protocols have been the main target of cryptocurrency hackers since 2021. In 2022, they accounted for over 80% of stolen funds, totalling $3.1 billion. Generally speaking, cryptocurrency piracy broke records last year.

Share on

Louis Torronde

All Posts »

Cyberattack on CURVE finance protocol

Home » Cyberattack on CURVE finance protocol

The Curve program, a DeFi protocol, has been the victim of several cyberattacks based on a flaw in the programming language of its smart contracts. The total value of the theft is estimated at over $50 million. The attack, which was brutal and targeted the Curve decentralized finance protocol, has been underway since July 30 and is said to have already resulted in the theft of over $50 million. It is believed to be the result of a flaw in the programming language for smart contracts on the Ethereum Vyper blockchain, used by the decentralized trading platform (DEX). Several of Curve's liquidity pools, denominated in various cryptocurrencies, are said to have fallen victim to the attack.

These liquidity pools are used by depositors to earn a return, and by traders for their trades. According to a Vyper developer, the hackers certainly "took weeks, if not months" to find the vulnerability in Vyper. According to reports in the trade press, some of the funds drained correspond to "white hats" hackers (ethical hackers, cybersecurity experts...), which would mean that they are not lost. The program, Curve, manages around $3 billion in liquidity, making it one of the leading protocols in decentralized finance. It specializes in stablecoin swaps. According to Chainalysis, DeFi protocols have been the main target of cryptocurrency hackers since 2021. In 2022, they accounted for over 80% of stolen funds, totalling $3.1 billion. Generally speaking, cryptocurrency piracy broke records last year.