Cork Protocol pauses contract amid $12 million DeFi exploit
Cork Protocol, a decentralized finance venue for trading pegged asset-related risks, lost about $12 million in wrapped staked ETH, or wstETH, on Wednesday. The attacker withdrew some 3,761.87 wstETH using a malicious contract, according to security analysts at Cyvers.
As of writing, the exploiter has only swapped the stolen funds for ETH. The funds have not been scattered across several wallets yet, as onchain hackers typically do.
Phil Fogel, founder of Cork Protocol, confirmed the incident and said the team was probing the cause. “We are investigating a potential exploit on Cork Protocol and are pausing all contracts,” Fogel wrote on X. “We will report back with more information.”
Launched in March, Cork Protocol introduced a new DeFi primitive — trading risks associated with depeg events. It allows users to speculate on disparities between an asset's intended value and its real-time spot price.
The DeFi platform received investments from a16z Crypto, OrangeDAO, and Steakhouse Financial in September 2024, according to a Chainwire report. Also, it joined a16z Crypto's CSX Fall 2024 cohort.$BTC
