Best crypto insights delivered straight to your inbox.
- Uwu Lend has been hacked for $19.4 million worth of crypto.
- The protocol promised to refund users “up to 80% of their original deposited amount.”
- Incidents of cryptocurrency theft on the rise.
Uwu Lend, a DeFi protocol created by fraudster Michael Patryn, a.k.a “Sifu”, has been hacked for $19.4 million, according to the blockchain security firm Peckshield. Uwu Lend confirmed the exploit on Monday and said it would refund users “up to 80% of their original deposited amount.”
Also read: Crypto Exchange DMM Bitcoin Vows To Repay Users After $300M Hack
Peckshield reports that the attack involved the use of ‘flash loans’, a type of loan that allows decentralized finance (DeFi) users to borrow crypto without collateral, but one that can also be manipulated. The Uwu Lend hacker targeted five stablecoin pairs to manipulate the price feed of sUSDe, and made off with nearly $20 million in USDC, FRAX, crvUSD and blUSD.
Sifu’s Uwu Lend to reimburse users
Sifu was removed from his role as treasurer of DeFi protocol Wonderland in February 2022 after he was revealed as Patryn, co-founder of the Canadian crypto exchange Quadriga CX. The exchange lost $124 million of user funds in 2019. Sifu is also a former convict who did time for bank fraud in the U.S., but he was not accused of any wrongdoing at Wonderland.
Today’s @UwU_Lend hack leads to $19.4m loss.
The root cause is a price oracle issue. In particular, the sUSDe asset is priced as median from multiple sources. Five of them, i.e., FRAXUSDe, USDeUSDC, USDeDAI, USDecrvUSD, and GHOUSDe, were manipulated during the hack.
The stolen… https://t.co/4ec92zxoql pic.twitter.com/xuGGegfDpV
— PeckShield Inc. (@peckshield) June 10, 2024
Uwu Lend came out of leading lending protocol Aave, particularly its so-called v2 codebase, allowing users to borrow, lend and stake a variety of crypto assets. According to Peckshield, the stolen funds were converted to Ethereum (ETH) and transferred to two separate wallet addresses.
Uwu Lend said on X that it paused the protocol immediately after the exploit “while the team investigates the situation”. It added, “We are working with external networks to issue a reimbursement for affected victims during the process.”
The protocol said it would refund people “up to 80% of their original deposited amount”. Users will need to check their eligibility for a refund. Uwu Lend has also sent back to users more than $5.3 million from lending pools that were not affected by the hack.
Also read. OKX user loses $2 million crypto in AI hack
The breach comes just a week after Japanese exchange DMM Bitcoin lost over $305 million worth of cryptocurrency in an “unauthorized leak”. Recently, Loopring, the Ethereum layer 2 platform, lost $5 million in ETH to a hacker and crypto exchange Lykke was plundered for $19.5 million of BTC and ETH.
Cryptopolitan Reporting by Jeffrey Gogo
The smartest crypto minds already read our newsletter. Want in? Join them.
Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.
CRASH COURSE
- Which cryptocurrencies can make you money
- How to boost your security with a wallet (and which ones are actually worth using)
- Little-known investment strategies that the pros use
- How to get started investing in crypto (which exchanges to use, the best crypto to buy etc)