Hackers breached Cork Protocol on May 28, stealing $12 million in digital assets through a malicious contract exploit.
Cork Markets Paused
On May 28, hackers breached the tokenized risk protocol Cork Protocol’s platform and made off with $12 million in digital assets. According to an alert shared by the blockchain security services platform Cyvers, the attackers executed the breach moments after deploying a malicious contract.
Web3 data platform Blockchain Insights said that its preliminary investigation showed that the exploiter was funded by an upstream address, which was in turn funded via a withdrawal from a wallet on the cryptocurrency exchange Whitebit. After siphoning 3,762 wstETH, the hacker immediately converted 4,530 ETH.
Following the attack, the tokenized risk protocol issued a statement acknowledging the incident and announcing a pause on Cork markets.
“There was a security incident affecting the wstETH:weETH market at 11:23 UTC today. All other Cork markets have been paused as a precaution, and no other markets have been impacted. We are actively investigating the situation and will continue to provide updates as more details become available. Thank you to our partners as we work through this,” Cork Protocol stated.
Launched in March 2024, Cork Protocol has operated a decentralized finance (DeFi) platform that allows users to hedge and trade the risk of “depeg” events for pegged crypto assets. Backed by Andreessen Horowitz and OrangeDAO, the protocol’s approach to pricing and hedging depeg risk was seen as innovative, building out a layer of risk management that was previously underdeveloped in the decentralized space. It is not clear how the hacking incident is set to impact its operations or dented its reputation.
Meanwhile, an investigation by Dedaub identified the exchange rate computation as the root cause of the breach. It added that “the attacker manipulated this by deploying fake tokens—the protocol contained logic to revert to a default value.”
#Binance #wendy #BTC $BTC $ETH $BNB
