Response to Potential Hack: How Pendle Safeguarded Funds Amidst Attack
In a rapid and united effort, DeFi project Pendle successfully protected approximately $105 million from a potential drain after a major hack involving Penpie, an independent yield optimizer in the Pendle ecosystem. Despite losing around $27.3 million due to the attacker exploiting Penpie’s protocol, Pendle’s quick action to pause its contracts prevented further losses and allowed normal operations to resume swiftly.
Swift Response to Threat: Detecting and Preventing Exploitation
The attack occurred on Tuesday at 17:45 UTC when the attacker deployed a malicious contract funded through Tornado Cash, interacting with Pendle’s contracts. Pendle’s internal monitoring system immediately flagged the suspicious contract, alerting the team to investigate further. By 17:46 UTC, Pendle’s team was on high alert, launching a rapid investigation to assess the seriousness of the threat posed by the contract. Just minutes later, at 18:23 UTC, the attacker executed the first attack on Penpie, exploiting its vulnerability due to a feature that enabled permissionless listing of Pendle markets.
- The attack took place on Tuesday at 17:45 UTC.
- The attacker used a malicious contract funded through Tornado Cash to interact with Pendle’s contracts.
- Pendle’s monitoring system detected the suspicious contract promptly.
Detection and Mitigation Efforts: Ensuring Security and Stability
In response to the breach, Pendle swiftly mobilized to protect its ecosystem from further attacks. By contacting security experts at Seal 911 at 18:34 UTC, the team formulated strategies to prevent additional breaches and safeguard user funds. At 18:45 UTC, Pendle made the critical decision to pause all contracts, effectively stopping any further attempts to exploit the system and securing approximately $105 million in assets.
Confirmation and Identification: Verifying Platform Safety Post-Attack
By 18:52 UTC, Pendle’s development team confirmed that Pendle’s contracts were secure, isolating the attack to Penpie due to its vulnerability. Blockchain security firm PeckShield identified the root cause of the breach, pointing to the introduction of an “evil market” by the attacker. Despite losing $27.3 million in assets to the attacker, Pendle worked diligently to ensure the safety of its ecosystem and coordinate with other platforms to mitigate risks.
- Confirmation of platform safety was achieved by 18:52 UTC post-attack.
- PeckShield identified the root cause as the introduction of an “evil market” by the attacker.
- Pendle lost $27.3 million in assets, converted into 11,109 ETH by the attacker.
Rapid Restoration: Unpausing Contracts and Ensuring Normalcy
After confirming the safety of Pendle’s contracts and assessing that other platforms were not at risk, Pendle resumed normal operations by unpausing its contracts at 00:50 UTC on Wednesday. Expressing gratitude to all involved in the response efforts, Pendle reiterated its commitment to the security and stability of its platform.
Impact and Negotiation: Addressing the Fallout of the Attack
Despite Pendle’s swift response, Penpie suffered a significant impact, with its PNP token dropping more than 33% immediately post-incident. Pendle’s native token also faced a decline of around 9% in the next 24 hours. Following the attack, Penpie extended an olive branch to the attacker, proposing negotiation for the safe return of funds without legal repercussions.
Speculation and Resolution: Addressing Possible Motives and Outcomes
There was speculation regarding the potential involvement of North Korean hackers in the attack, following a series of sophisticated attacks on crypto and DeFi companies. This incident underscores the importance of robust security measures and swift responses to protect the DeFi ecosystem from exploitation.
Hot Take: Safeguarding Assets and Strengthening Security in the Face of Threats
In the fast-paced world of DeFi, threats to the ecosystem are ever-present. However, with proactive monitoring, rapid response mechanisms, and coordination with security experts, platforms like Pendle can protect user assets and maintain the integrity of their operations. By learning from incidents like the Penpie attack, the DeFi community can bolster its defenses and ensure a more secure future for decentralized finance.
Sources:
- Twitter: PeckShield Inc.
- Twitter: Lookonchain
- Twitter: Pendle
By
By
By
