According to reports from on-chain detectives, UwU Lend has been hit by a cyber-attack, resulting in a loss of $3.72 million.
This marks the second attack on the decentralized finance (DeFi) lending platform, underscoring the persistent vulnerabilities within the crypto industry.
UwU Lend Loses $23.22 Million to the Same Attacker in a Week
Barely three days after losing $19.5 million to a cyber-attack, UwU Lend has suffered an additional $3.72 million loss to the same exploiter. This follows a report by Web3 security platform Cyvers, which highlighted the transaction in a post on X.
Experts attributed the initial attack to a flash loan, where the attacker swapped USDe for other tokens, which led to a lower price of USDe and sUSDe. The attacker then deposited some to UwU Lend, lending more sUSDe than expected.
“The sUSDe token price used by UwULend is dependent on five pairs. Though these pairs are deep, they did not thwart the attacker from flash-loaning enormous amounts of assets to manipulate price and reap liquidation bonus,” security firm Certik noted in its forensic report of the attack.
Read More: Top 5 Flaws in Crypto Security and How To Avoid Them
In a flash loan, users borrow assets without providing collateral, returning the borrowed funds within the same transaction. This unique feature in DeFi lending distinguishes flash loans from traditional loans, which typically require collateral.
UwU Lend did not immediately respond to BeInCrypto’s request for comment. Nevertheless, it is concerning that the same bad actor targeted the DeFi lending protocol within days. This raises significant questions about the network’s security defenses. Notably, in the Monday attack, UwU Lend acknowledged the loss and followed up the next day with a message stating it had identified and resolved the security vulnerability.
UwU Founder is Suspected of Shady Activities
Community members are actively criticizing UwU Lend founder, Michael Patryn, also known as “Omar Dhanani” and “0xSifu”. This speculation arises as Patryn co-founded the cryptocurrency exchange QuadrigaCX, which ultimately collapsed amidst fraud-related allegations.
“Seems to be a massive DeFi rugpull in progress, disguised as a series of hacks & liquidations Likely orchestrated by Michael Patryn aka SIFU (best known for QuadrigaCX & other crypto ponzis) Mich (Michael Egorov) is either target or collaborator,” Rho Rider noted.
These concerns have reached investors, with DefiLlama data showing a 28% drop in Total Value Locked (TVL) this week. UwU Lend’s TVL has decreased from $91.05 million on Monday, June 10, to $65.8 million at press time. A drop in TVL indicates a reduction in the total amount of assets locked or deposited in the DeFi protocol.
Read more: 9 Crypto Wallet Security Tips To Safeguard Your Assets
This indicates that users may be withdrawing their funds or migrating to other platforms due to increasing security risks. Security breaches and hacks in the crypto space can be alarming and disruptive, and investors should take precautions to protect their assets.
The post UwU Lend Suffers Second Attack in a Week, Losing $3.72 Million appeared first on BeInCrypto.