Pike Finance was exploited resulting in the loss of $1.68 million worth of digital assets. The incident marks the protocol’s second exploit in three days.
Decentralized finance lending protocol Pike Finance suffered a $1.68 million exploit across the Ethereum, Arbitrum and Optimism chains on April 30, according to a report from on-chain analytics firm CertiK, shared with Cointelegraph. The attacker used a vulnerability in Pike Finance’s smart contract to change the output address, draining the contract of over $1.4 million worth of Ether (The two attacks stemmed from the same smart contract vulnerability, which allowed the attacker to override the contract, according to a May 1 X
“This misalignment caused the contract to behave as if it was uninitialized since the *initialized* variable could no longer be accessed. As a result, attackers were then able to upgrade the spoke contracts, bypassing admin access, and as a result, withdraw funds.” Pike Finance is offering a 20% reward for the return of the funds or information leading to the recovery of the funds. The protocol will continue investigating the exploit.Bitcoin price loses $60K support to hit 2-month lows