- UwU Lend, a crypto lending protocol, has faced a severe security breach.
- The ongoing exploit has resulted in the theft of approximately $20 million worth of digital assets.
- On-chain security firm Cyvers Alert has confirmed the active exploitation and warned that losses might escalate further.
UwU Lend suffers a major security breach with $20M worth of digital assets stolen during an ongoing attack.
UwU Lend Faces Major Security Breach
According to on-chain observer Arkham, UwU Lend, a lending protocol initiated by former Frog Nation CFO 0xSifu, has been compromised. UwU Lend functions as a liquidity market, allowing users to deposit and borrow digital assets. It appears that the protocol has vulnerabilities, leading to the abnormal outflow of approximately $19.3 million in funds.
Security Firms Confirm the Exploit
Both Arkham and Cyvers Alert have verified the exploit. Initially, Cyvers Alert announced, “Hey UwU_Lend, you’re under attack! Approximately $14 million has been taken so far.” Subsequently, this figure has surpassed $20 million, according to Cyvers’ Chief Technology Officer and co-founder Meir Dolev. The team is still investigating the incident, which affects multiple digital assets.
ALERT: Possible exploit on Uwulend🚨🚨
$19.3M removed so far.
Address: pic.twitter.com/Bx7cLbkrqE
— Arkham (@ArkhamIntel) June 10, 2024
The Attack Continues and Hacker Employs Tornado Cash
Following the attack, Cyvers noted that the hackers employed the crypto mixer Tornado Cash. The security firm revealed that the attacker conducted three malicious transactions, securing roughly $19.5 million. As the attack is ongoing, this amount could increase. The attacker is currently converting stolen digital assets into ETH. Cyvers also stated that their system had detected suspicious contract deployments before the hack took place.
🚨ALERT🚨Our system has detected a series of suspicious transactions involving @UwU_Lend!
Attacker has executed 3 transactions and was able to get around $19.5M. But hack is still ongoing! Amount might increase. Right now attacker is swapping stolen digital assets to $ETH.… pic.twitter.com/V2RrqYagD2
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) June 10, 2024
Crypto Attacks Surge in 2024
Crypto hackers are on track to exceed the amount stolen in 2023. In the first quarter of 2024, hackers have stolen digital assets worth $542.7 million, marking a 42% increase compared to the same period in 2023. This uptick is attributed to the rising value of digital assets, which has attracted more malicious actors. Merkle Science’s co-founder and CEO, Mriganka Pattnaik, suggests that the increase in cyber exploits is also driven by attackers targeting more vulnerable platforms.
Conclusion
The UwU Lend hack underlines the persistent vulnerabilities in the DeFi sector. The ongoing exploit has already caused significant financial losses, and as security firms continue their investigations, users are urged to stay vigilant. Such incidents highlight the critical importance of robust security measures to protect digital assets from increasingly sophisticated cyber threats.