Cork Protocol was attacked by a Hacker, resulting in a loss of over $12 million.

Cork Protocol was attacked by a Hacker, resulting in losses exceeding 10 million dollars.

On May 28, a decentralized finance platform was hacked, resulting in a loss of over $12 million in funds. This incident highlights that DeFi projects still have vulnerabilities in terms of security.

Loss of over 10 million USD, analysis of the Cork Protocol hacking incident

On the day of the incident, a security company was the first to discover suspicious activities related to the platform and issued a security warning. Subsequently, the platform's official announcement stated that a security incident had occurred in its wstETH:weETH market, and to prevent further risks, the platform had suspended trading in all other markets.

Loss exceeds 10 million USD, analysis of the Cork Protocol hacking incident

This platform aims to provide functionalities similar to credit default swaps in traditional finance, specifically for hedging the de-pegging risks of stablecoins, liquid staking tokens, and other pegged assets in the DeFi ecosystem. Users can transfer the price fluctuation risks of stablecoins or LST/LRT to market participants through trading risk derivatives, thereby reducing risks and enhancing capital efficiency.

Loss exceeded 10 million USD, analysis of the Cork Protocol hacking incident

According to security experts' analysis, there are two fundamental reasons for this attack:

  1. The platform allows users to create markets with any asset as the redemption asset (RA), enabling attackers to use derivative tokens DS as RA.

  2. Any user can call a specific function of a contract without authorization and pass in custom data for operation, allowing attackers to manipulate the deposit of DS from a legitimate market into another market for use as RA, and obtain the corresponding tokens.

Loss exceeding 10 million dollars, analysis of the Cork Protocol hacking incident

The attacker first purchased the weETH8CT-2 token on a legitimate market, and then created a new market with the weETH8DS-2 token as the RA and wstETH as the PA. By constructing specific data, the attacker transferred the weETH8DS-2 token from the legitimate market to the new market as the RA and obtained the corresponding CT and DS tokens for the new market.

Loss exceeds 10 million USD, analysis of the Cork Protocol hacking incident

In the end, the attacker used the obtained tokens to perform a series of operations in both new and old markets, successfully stealing a large number of wstETH tokens.

Loss exceeds 10 million USD, analysis of the Cork Protocol hacking incident

According to on-chain analysis tools, the attacker profited 3,761.878 wstETH, worth over $12 million. Subsequently, the attacker exchanged these wstETH for 4,527 ETH through 8 transactions. Currently, about 4,530 ETH remains in the attacker's address.

Loss of over 10 million USD, Analysis of Cork Protocol Hacking Incident

This incident once again reminds DeFi project developers to carefully verify whether each step of the protocol design meets expectations and to strictly limit the types of assets in the market to prevent potential security risks. At the same time, users participating in DeFi projects should remain highly vigilant and constantly pay attention to project dynamics and security warnings.

Loss of over 10 million USD, Analysis of the Cork Protocol hacking incident

View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • 7
  • Share
Comment
0/400
PortfolioAlertvip
· 23h ago
Another project has exploded!
View OriginalReply0
LiquidationSurvivorvip
· 07-07 14:34
Another sucker played people for suckers and pulled the rug.
View OriginalReply0
BlindBoxVictimvip
· 07-07 09:04
Another pile has been hollowed out.
View OriginalReply0
ContractExplorervip
· 07-07 09:04
Another project has been touched, not surprising at all.
View OriginalReply0
HorizonHuntervip
· 07-07 09:02
Once again, hackers play people for suckers.
View OriginalReply0
HashBanditvip
· 07-07 09:01
just another day in defi... reminds me of when i lost my mining rig to a sketchy pool back in 2018 smh
Reply0
SnapshotLaborervip
· 07-07 08:55
It has been messed up again.
View OriginalReply0
Trade Crypto Anywhere Anytime
qrCode
Scan to download Gate app
Community
English
  • 简体中文
  • English
  • Tiếng Việt
  • 繁體中文
  • Español
  • Русский
  • Français (Afrique)
  • Português (Portugal)
  • Bahasa Indonesia
  • 日本語
  • بالعربية
  • Українська
  • Português (Brasil)