Penpie releases analysis report on hacking incident: compensation plan is being drafted
ChainCatcher news: Penpie has released a report on the hacking incident, in which 11,113.6 ETH worth approximately $27.34 million was stolen. The attacker exploited a security vulnerability on the Penpie platform by manipulating a fake Pendle market to maximize rewards. The vulnerability is located in the batchHarvestMarketRewards() function of the PendleStakingBaseUpg contract: the attacker manipulated the reward tokens and their quantities by re-entering the depositMarket() function and repeatedly adding new deposits from flash loans. The Penpie team responded quickly, suspending deposit and withdrawal functions and collaborating with multiple security agencies to trace the stolen funds.
Currently, the Penpie frontend has been restored, and the team is working with law enforcement to identify and apprehend the attacker. Additionally, the Penpie team is developing a compensation plan to fairly address the losses of affected users.
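
The re-entrancy described in the report, as a simplified Python model with and without a shared re-entrancy lock. This is an added illustration, not code from Penpie's contracts or its report. Only the two function names come from the report; the classes, the single shared token balance, the balance-delta reward accounting and the sample amounts are assumptions constructed for the example.

```python
from contextlib import contextmanager

class ReentrancyError(Exception):
    pass

class Staking:
    """Toy staking contract; one token balance serves deposits and rewards (assumption)."""
    def __init__(self, guarded):
        self.guarded, self.locked = guarded, False
        self.balance = 0      # tokens held by the contract
        self.credited = {}    # market name -> rewards booked for that market

    @contextmanager
    def non_reentrant(self):
        # One lock shared by every state-changing entry point.
        if self.guarded and self.locked:
            raise ReentrancyError("re-entrant call rejected")
        self.locked = True
        try:
            yield
        finally:
            self.locked = False

    def deposit_market(self, amount):
        with self.non_reentrant():
            self.balance += amount

    def batch_harvest_market_rewards(self, market):
        with self.non_reentrant():
            before = self.balance
            market.redeem_rewards(self)       # external call into the market
            gained = self.balance - before    # assumed balance-delta accounting
            self.credited[market.name] = self.credited.get(market.name, 0) + gained
            return gained

class HonestMarket:                           # constructed sample market
    name = "honest"
    def redeem_rewards(self, staking):
        staking.balance += 5                  # pays 5 reward tokens

class ReenteringMarket:                       # constructed sample market
    name = "untrusted"
    def redeem_rewards(self, staking):
        staking.deposit_market(1000)          # pays nothing, deposits mid-harvest

def harvest(guarded, market):
    """Return (reward booked, credited map); the reward is None if the guard fired."""
    staking = Staking(guarded)
    try:
        return staking.batch_harvest_market_rewards(market), staking.credited
    except ReentrancyError:
        return None, staking.credited
```

Without the lock, the deposit made during the external call is booked as a reward even though the market paid nothing. With the lock, the nested call is rejected and no state changes.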