Odaily Planet Daily News, Penpie released a report on Hacker's attack, a total of about $27.34 million worth of 11,113.6 ETH were stolen. The attacker exploited a security vulnerability on the Penpie platform to maximize rewards by manipulating a fake Pendle market. The vulnerability is located in the batchHarvestMarketRewards() function of the PendleStakingBaseUpg contract. The attacker manipulated the reward Jeton and its quantity by repeatedly adding new deposits from Prêts Flash through the re-entry depositMarket() function. The Penpie team quickly responded by suspending deposit and withdrawal functions and working with multiple security agencies to track the stolen funds.
Pour le moment, le front-end de Penpie a été rétabli, et l'équipe travaille en collaboration avec les autorités chargées de l'application de la loi pour identifier et arrêter les attaquants. De plus, l'équipe de Penpie travaille sur un plan de compensation pour régler équitablement les pertes subies par les utilisateurs affectés.
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
Penpie a publié un rapport d'analyse d'incident de piratage : en train d'élaborer un plan de compensation
Odaily Planet Daily News, Penpie released a report on Hacker's attack, a total of about $27.34 million worth of 11,113.6 ETH were stolen. The attacker exploited a security vulnerability on the Penpie platform to maximize rewards by manipulating a fake Pendle market. The vulnerability is located in the batchHarvestMarketRewards() function of the PendleStakingBaseUpg contract. The attacker manipulated the reward Jeton and its quantity by repeatedly adding new deposits from Prêts Flash through the re-entry depositMarket() function. The Penpie team quickly responded by suspending deposit and withdrawal functions and working with multiple security agencies to track the stolen funds. Pour le moment, le front-end de Penpie a été rétabli, et l'équipe travaille en collaboration avec les autorités chargées de l'application de la loi pour identifier et arrêter les attaquants. De plus, l'équipe de Penpie travaille sur un plan de compensation pour régler équitablement les pertes subies par les utilisateurs affectés.