Hacker drains nearly $9.6 million from DeFi stablecoin protocol Resupply

A hacker exploited a critical vulnerability in the decentralized finance (DeFi) protocol Resupply on Thursday morning, stealing nearly $9.6 million in digital assets. The attacker manipulated the token price through a bug in the smart contract.

According to blockchain security analysts, Resupply, a DeFi stablecoin platform integrated with Convex Finance and Yearn Finance, was the primary target of the exploit. Hackers used sophisticated tactics to manipulate the price of cvcrvUSD, a Convex-linked token, to trick the system and borrow against nearly worthless collateral.

Smart contract bug causes rate to drop to 0

The main vulnerability was in the ResupplyPair contract on the Ethereum network, at the address “0x6e…6bd6”. This contract uses the cvcrvUSD token price to calculate the internal exchange rate during the collateral lending process.

Another lending protocol exploited through rate manipulation in low or near illiquid markets!

Attacker artificially inflated #cvcrvUSD share price via coordinated donation transactions. @ResupplyFi's ResupplyPair contract (https://t.co/yo2N5lScHi, created ~2 hours ago) uses… https://t.co/MelEYFLr98 pic.twitter.com/2qXC9IiREL

— BlockSec Phalcon (@Phalcon_xyz) June 26, 2025

The attacker used this mechanism to artificially inflate the price of cvcrvUSD tokens using synchronized donation transactions. As the price of this token skyrocketed, the price fed into the ResupplyPair contract also increased.

However, a bug in the source code, caused by the use of floor division, rounded the internal rate down to zero when the token price exceeded a predetermined threshold.

When the rate is 0, the hacker can borrow a large amount of Resupply's native stablecoin reUSD with just 1 wei of cvcrvUSD as collateral. Liquidity checks based on this rate are completely bypassed.
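The rounding failure described above can be reproduced with plain integer arithmetic. The following is an added example, not Resupply's contract code: the constants (`RATE_NUMERATOR`, `EXCHANGE_PRECISION`, `MAX_LTV`), the formulas and the sample values are assumptions, chosen to show the zero-rate case beside a check that fails closed.

```python
# Illustrative model only: constants and formulas are assumptions,
# not taken from the ResupplyPair source.
RATE_NUMERATOR = 10**36      # assumed numerator of the inverse-price rate
EXCHANGE_PRECISION = 10**18  # assumed fixed-point scale of the rate
LTV_PRECISION = 10**5        # assumed LTV scale (100_000 = 100%)
MAX_LTV = 95_000             # assumed 95% maximum loan-to-value


class ZeroRateError(Exception):
    """Raised by the hardened check when the rate rounds down to zero."""


def exchange_rate(price: int) -> int:
    # Floor division, as in EVM integer math: any price above
    # RATE_NUMERATOR yields a rate of exactly 0.
    return RATE_NUMERATOR // price


def ltv(borrow: int, collateral: int, rate: int) -> int:
    # Debt converted to collateral units, divided by the collateral held.
    debt_in_collateral = borrow * rate // EXCHANGE_PRECISION
    return debt_in_collateral * LTV_PRECISION // collateral


def is_solvent_vulnerable(borrow: int, collateral: int, price: int) -> bool:
    # With rate == 0 the debt is valued at 0, so every position passes.
    return ltv(borrow, collateral, exchange_rate(price)) <= MAX_LTV


def is_solvent_hardened(borrow: int, collateral: int, price: int) -> bool:
    rate = exchange_rate(price)
    if rate == 0:
        # Fail closed: a zero rate means the price is outside the
        # range the fixed-point math can represent.
        raise ZeroRateError("exchange rate rounded to zero")
    return ltv(borrow, collateral, rate) <= MAX_LTV


if __name__ == "__main__":
    normal_price = 10**18        # constructed sample value
    inflated_price = 2 * 10**36  # constructed value above the threshold
    print(is_solvent_vulnerable(2 * 10**18, 10**18, normal_price))  # False
    print(is_solvent_vulnerable(10**25, 1, inflated_price))         # True
    try:
        is_solvent_hardened(10**25, 1, inflated_price)
    except ZeroRateError as exc:
        print("rejected:", exc)
```

In this model the threshold is `RATE_NUMERATOR` itself: a price of exactly `10**36` still yields a rate of 1, and one unit higher yields 0.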

“The attacker manipulated the Token price, triggering a zero rate bug in Resupply’s smart contract, allowing huge amounts of money to be borrowed for almost nothing,” commented Hakan Unal, head of security operations at Cyvers.

Wallet funded anonymously through Tornado Cash

Blockchain activity shows that the hacker initially funded the wallet via Tornado Cash, a decentralized transaction mixing protocol used by crypto criminals to hide the origin of funds. The attack started with a 2 ETH transaction on Cow Swap, according to an analysis by security firm PeckShield.

After the exploit, the hacker liquidated the stolen assets by converting reUSD into stablecoins and Ethereum via DEXs like Curve and Uniswap.

The $9.6 million profit was distributed across two separate Ethereum addresses. The hacker used USDC and wrapped Ethereum (wETH) to store the final funds.

Resupply confirmed the attack, saying the wstUSR market was affected and had paused all contracts to prevent further damage.

“Users should avoid reUSD vaults and withdraw funds if possible,” Unal advised.

Cryptocurrency-related attacks surge in 2025

The Resupply incident is part of a string of high-profile hacks targeting both DeFi and centralized platforms. Blockchain analytics firm Chainalysis reports that more than $2.3 billion has been stolen in cryptocurrency attacks since the start of 2025, surpassing last year's total in the first half of the year alone.

Just days earlier, on June 18, Iranian cryptocurrency exchange Nobitex was also hit by a major hack. Hackers stole more than $90 million in digital assets across multiple blockchains including Bitcoin, Ethereum, Dogecoin, Ripple, Solana, Tron, and Ton.

Previous investigations have tied wallets on Nobitex to groups linked to Iran's Islamic Revolutionary Guard Corps (IRGC), an ally of the Houthi rebels in Yemen and the Hamas organization.

The Israeli National Bureau for Countering Terrorist Financing (NBCTF) identified the exchange as a conduit for funds for several banned entities, including the pro-Hamas media outlet Gaza Now, an al-Qaeda propaganda arm, and sanctioned Russian cryptocurrency exchanges Garantex and Bitpapa.

Source: https://tintucbitcoin.com/tin-tac-danh-cap-96-trieu-usd-resupply/
