Decentralized finance (DeFi) protocol Pike Finance has fallen victim to two separate attacks within a three-day period due to a major security breach. Moreover, it caused a total loss of over 1.6 million dollars. The attacks, detected on April 30, resulted in the theft of the protocol’s altcoin projects. It also targeted cross-chain lending functions on the Ethereum (ETH), Arbitrum (ARB), and Optimism (OP) blockchains.
Pike Finance came to the fore with suspicious attacks
Blockchain security company Cyvers first raised the alarm after detecting suspicious transactions on Pike Finance. Their investigation revealed a significant financial loss of approximately $1.6 million. On-chain analysis platform CertiK traced the origin of the attacks to a vulnerability in Pike Finance’s smart contracts, the self-executing code that governs the protocol’s transactions.
The attacker reportedly exploited a function called “initialization” to inject malicious code into the smart contract system. This manipulation allowed them to manipulate a critical variable and gain unauthorized control over the protocol’s upgrade process. With this control, the attacker can rewrite the rules of the smart contract and withdraw its funds.
A security vulnerability was discovered on April 26: There is a loss in those 3 altcoin projects
This exploit follows a similar incident reported on April 26, in which Pike Finance was exposed to a vulnerability related to USD Coin (USDC) withdrawals. In the previous attack, which was attributed to weak security measures on USDC transfers, attackers stole a total of 299,127 USDC by manipulating recipient addresses.
In response to the latest exploit, Pike Finance released a statement acknowledging the attack and detailing the stolen funds. The analysis revealed losses of 99,970.48 ARB, 64,126 OP and 479.39 ETH. The protocol is actively investigating the breach and has offered a 20% reward for any information leading to the recovery of the stolen assets. They also plan to discuss possible compensation for affected users.
The last two attacks highlight the critical importance of robust security measures in DeFi protocols. While smart contracts offer automation and transparency, they are susceptible to vulnerabilities that can be exploited by malicious actors. Pike Finance’s case serves as a cautionary tale for other DeFi projects, encouraging them to prioritize comprehensive code audits and implement strict security protocols to protect user funds.
To be informed about the latest developments, follow us Twitter’in, Facebookin and InstagramFollow on . Telegram And YouTube Join our channel.