DeFi protocol Pickle Finance has been hacked for $19.7M of the stablecoin DAI over the weekend. Because of this, the DeFi industry turned out to be a hackers’ paradise.
Pickle’s native token plunged 62%, falling from $23.27 to $8.70 when the hack was reported on Nov. 21. As of now, the token has rebounded 29% in 24 hours to $18.51.
This is the 4th hack that hit the DeFi space in two weeks. Akropolis, Value DeFi, and Origin protocol have been exploited for a total of $15.7M in flash loan attacks.
Pickle Finance is a yield aggregation service that rewards the users who provide liquidity to its different pools of stablecoins with interest and token disbursements in ether, stablecoins, or the native digital asset PICKLE.
It is not clear if Pickle Finance underwent a flash loan attack. Still, in a blog post, the management admitted that “this was a very complicated attack and involved many components of the Pickle protocol.” It has taken the protocol’s development team of 10 people more than four hours to be figured out.
The hacker has targeted Pickle Finance’s DAI pjar product, a concept similar to yearn.finance’s vaults and drained 19,759,355 of the US dollar-pegged stablecoin DAI. The jar harvests yield from DAI deposits made thru the decentralized lending protocol Compound.
Cyber-security expert Dmytro Volkov said that the DeFi hacking frenzy had been a result of rushed project development.
“Most of the defi projects’ hacks are based on vulnerabilities connected to errors in the source code. Errors in applications occur for various reasons, and it is errors that cause vulnerabilities and subsequent hacks of these applications,” said Volkov, the chief technology officer at crypto exchange CEX.IO.
“Cybercriminals look for errors in the defi protocols and exploit them for their ends. As defi projects become more popular and the greater the amount of capital that flows through them grows, the more this field will attract hackers, and the more hacks there will be,” he added.
No Comment