A hacker who targeted the CRV/ETH pool at the last minute reportedly made off with 7 million CRVs and $14 million in WETH.
In a statement released just before the most recent attack, Curve Finance said: “Due to a bug in the reentrancy lock, many stablepools (alETH/msETH/pETH) running Vyper 0.2.15 have been compromised. We are taking stock of the situation and will update the public when new information becomes available.”
The data suggests that the hackers depleted the pool of liquidity in the minutes prior to the intervention of the white hat hackers.
However, the hacked Alchemix platform had this to say: “While the transaction was being queued, a hacker emptied the alETH/ETH curve pool, taking with them the last of the available liquidity. Currently, this amounts to a loss of about 5,000 ETH in backing for alETH.”
The event caused an immediate $0.10 increase in CRV pricing, which is now down 13% to $0.636 as of this writing.
The first bit of communication came in the form of a message attached to a Blockchain transaction performed by the hacker responsible for the Curve Finance heist. The hacker claims he has transferred the assets to cold wallets for the time being and that the impacted protocols may reach him using the etherscan chat feature. It is believed that the hacker can negotiate with the relevant protocols.
Also Read: Billionaire M. Novogratz predicts a Bitcoin revolution in 2023