Pike Finance Suffers Double Attack in 3 Days, Loses $1.98M in Smart Contract Exploit


The post Pike Finance Suffers Double Attack in 3 Days, Loses $1.98M in Smart Contract Exploit appeared first on Coinpedia Fintech News

Yet another shocking development in the crypto space.

Pike Finance, a decentralized finance (DeFi) lending protocol, fell victim to a new exploit, resulting in a significant loss of $1.68 million in digital assets. This marks the second breach in just three days, shedding light on the ongoing vulnerabilities within the DeFi sector.

A recent report by Cyvers Alerts, a blockchain security and analytics firm, revealed a troubling discovery: the hacker managed to exploit vulnerabilities in smart contracts across three different chains – Ethereum, Arbitrum, and Optimism – all on April 30.

🚨UPDATE🚨@PikeFinance has experienced a security breach and caused more than $1.6M loss on #ARB, #ETH and #OP chains due to the initial USDC vulnerability reported on April 26th, protocol paused for upgrades.

The inclusion of a new dependency shifted storage layout, causing… https://t.co/HSqC6Y1nF4

🚨 Cyvers Alerts 🚨 (@CyversAlerts) May 1, 2024

Multi-Million Dollar Drain

The attacker gained control over the output address within Pike Finance’s smart contract, orchestrating a significant transfer of cryptocurrency to their own account. The damage totaled $1.4 million in Ether (ETH), $150 thousand in Optimism (OP) tokens, and over $100 thousand in Arbitrum (ARB) tokens.

Déjà vu?

Interestingly, this breach follows a similar incident on April 26, where Pike Finance suffered a $300,000 loss.

Exposing the Vulnerabilities

Both breaches exploited a critical flaw in the protocol's smart contracts that gave the attacker the ability to override contract functionality. A newly introduced dependency shifted the contracts' storage layout, creating an opening for exploitation. Using it, the attacker upgraded the contracts, bypassing administrative access controls, and withdrew funds.
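A pre-upgrade check for the kind of storage-layout shift described above, as an added example that is not Pike Finance's code: it compares two layouts in the shape of the Solidity compiler's `storageLayout` output and reports variables that moved or were inserted ahead of existing state. The variable names and both layouts are constructed for illustration.

```python
# Constructed layouts in the shape of solc's `storageLayout` output
# (each entry has label, slot, offset, type). All names are hypothetical.
def var(label, slot, offset, typ):
    return {"label": label, "slot": str(slot), "offset": offset, "type": typ}

OLD = {"storage": [var("initialized", 0, 0, "t_bool"),
                   var("admin", 0, 1, "t_address"),
                   var("totalDeposits", 1, 0, "t_uint256")]}
# A new base contract (the "dependency") puts its own state first.
NEW = {"storage": [var("_status", 0, 0, "t_uint256"),
                   var("initialized", 1, 0, "t_bool"),
                   var("admin", 1, 1, "t_address"),
                   var("totalDeposits", 2, 0, "t_uint256")]}
# Safe variant: the new variable is appended after all existing state.
SAFE = {"storage": OLD["storage"] + [var("_status", 2, 0, "t_uint256")]}

def positions(layout):
    """Map label -> (slot, offset, type)."""
    return {v["label"]: (int(v["slot"]), int(v["offset"]), v["type"])
            for v in layout["storage"]}

def layout_diff(old, new):
    """List (kind, label, old_pos, new_pos) findings that break an upgrade."""
    before, after = positions(old), positions(new)
    findings = []
    for label, pos in before.items():
        if label not in after:
            findings.append(("removed", label, pos, None))
        elif after[label] != pos:
            # Same name, different slot/offset/type: the new code would read
            # whatever the old code stored at the new position.
            findings.append(("moved", label, pos, after[label]))
    # Additions are only safe past the last slot/offset the old layout used.
    last_used = max((p[:2] for p in before.values()), default=(-1, 0))
    for label, pos in after.items():
        if label not in before and pos[:2] <= last_used:
            findings.append(("inserted", label, None, pos))
    return findings

if __name__ == "__main__":
    for finding in layout_diff(OLD, NEW):
        print(finding)
    print("safe upgrade findings:", layout_diff(OLD, SAFE))
```

Run as a gate in CI against the layout of the deployed implementation, any non-empty result should block the upgrade until the new state is moved to the end of the layout.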

2/ We would like to highlight once again that the root cause of the exploit is independent from the functionality and robustness of the product offerings from @gelatonetwork and @circle USDC enabled by CCTP.

— Pike (@PikeFinance) May 1, 2024

In response to these events, Pike Finance has taken proactive measures, offering a 20% reward for the return of funds or any valuable information aiding in their recovery. The protocol commits to a thorough investigation and pledges to strengthen its security infrastructure to prevent similar occurrences in the future.

Crypto Hack Trends in Focus

Beyond Pike Finance’s plight, CertiK reported a broader trend within the cryptocurrency sphere. April saw a significant decline in hacks and scams, dropping to a three-year low of $25.7 million in total losses.

This 141% decrease from the previous month’s figures is attributed to a decrease in private key compromises, highlighting the importance of enhanced security measures and community vigilance.

While Pike Finance is still dealing with the consequences of the last two exploits, the crypto industry as a whole has to address constantly changing threats, including the growing need for security measures in the rapidly expanding DeFi sector.

DeFi innovation demands robust security. Stay tuned for updates on how Pike Finance is fortifying their defenses.
