Penpie, a decentralized finance (DeFi) protocol built upon Pendle, suffered a significant setback on Wednesday when it lost over $27 million in a phishing attack. With its in-house monitoring system, the platform took subsequent steps to defend Pendle and Pencosystem from further attacks.
Penpie Funds Made as ETH
The platform released an official statement on X for its users, informing them to withdraw their assets as soon as possible. Further, they urged all users to revoke approvals to their contracts on their site until the issue was resolved to prevent further asset loss.
The exploit allowed the attacker to drain funds by creating a malicious contract, ultimately losing millions in user assets. Some of the stolen funds were converted to Ethereum (ETH). Around 1,000 ETH worth approximately $24.7 million were laundered via Tornado Cash to cover up the online trial.
Pendle Funds Remain Safe
On the other hand, following the incident, Pendle, while not directly attacked, also took precautionary measures by temporarily halting its contract operations with Penpie. Additionally, it actively safeguarded over $105 million from further attacks. Pendle assured its users that their funds remained secure and highlighted their commitment to closely monitoring the situation.
The platform later released a detailed timeline report on X stating how the security flaw was suspected and the steps that both Penpie and Pendle took to secure their assets. Further, it highlighted that all the funds on Pendle remained safe and unaffected, and the attack was only on Penpie.
$5M in Crypto Seized by FBI in North Carolina Fraud CasePlea to Hacker
To prevent further damage and potentially recover the stolen funds, Penpie contacted the hacker and offered an amount in exchange for the safe return of its assets. In a public statement on X, Penpie stated that they would refrain from legal action if the hacker complied and even organized a public vote for people to decide the fate of the matter. As Penpie continues to restore its platform and regain the trust of its users, the DeFi community is reminded of the risks in the system, even as it continues to innovate and expand.