CryptoSlate11 minutes ago

Published on July 21, 2023 16:35 GMT+00:00edited on July 21, 2023 16:39 GMT+00:00

DeFi protocol Conic Finance confirmed that it was exploited via a reentrancy attack earlier today for an undisclosed sum.

A reentrancy attack allows an attacker to drain funds of a vulnerable contract by repeatedly calling the withdraw function before it updates its balance. This attack has been commonly used to exploit several DeFi protocols.

Conic Finance stated that it initially disabled the front end of its Omnipool Ethereum deposits, adding that it has initiated a fix to the affected contract.

“The root cause was a re-entrancy attack that was able to be performed because of a wrong assumption as to what address is returned by the Curve Meta Registry for ETH in Curve V2 pools.”

Curve Finance also added that only the ETH Omnipool was affected.

According to its website, Conic …