Nexo

Join the hunt for $12,000,000+ in NEXO Tokens!

Learn More
Home » News » DeFi Protocol Conic Finance Hacked for 1700 ETH

DeFi Protocol Conic Finance Hacked for 1700 ETH

by

A security breach at Conic Finance has resulted in a loss of over $3.2 million after a hacker exploited a reentrancy vulnerability and manipulated a faulty price oracle.

DeFi Protocol Conic Finance Hacked for 1700 ETH

Share this article

DeFi protocol Conic Finance reported a loss of 1700 ETH, valued at over $3.2 million. Blockchain security firm BlockSec has traced this incident to an unidentified hacker exploiting a reentrancy vulnerability early this morning.

Conic promptly alerted its user base via Twitter, confirming the exploit involving the ETH Omnipool, launched July 10, and only affecting ETH pools.

Conic Finance, known for allocating funds through the Curve decentralized exchange using liquidity pools, fell foul of a two-pronged attack involving the vulnerability and manipulation of a price oracle.

In this case, the attacker took out a flash loan of 20,000 staked ETH, redirecting it towards Conic’s price oracle, facilitating the exploit. The vulnerability was used in conjunction with a manipulation of Conic’s price oracle, which obtains its data from a third-party read-only smart contract.

In a tweet, Conic updated its community: “Update: – We are continuing to investigate the root cause of the exploit and are consulting with relevant parties. – We have disabled ETH Omnipool deposits on the Conic front end.”

Share this article

The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.

Crypto Briefing may augment articles with AI-generated content created by Crypto Briefing’s own proprietary AI platform. We use AI as a tool to deliver fast, valuable and actionable information without losing the insight - and oversight - of experienced crypto natives. All AI augmented content is carefully reviewed, including for factural accuracy, by our editors and writers, and always draws from multiple primary and secondary sources when available to create our stories and articles.

You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.

See full terms and conditions.