Bent Finance suffers exploit, requests users to withdraw ‘until further notice’

Bent Finance suffers exploit, requests users to withdraw ‘until further notice’

In 2021, victims of scams lost $7.7 billion worth of cryptocurrency to scammers, per a recent report, an 81% rise in losses compared to last year. A key source of rising cryptocurrency scams in 2021 was ‘rug pulls,’ which accounted for 37 per cent of all cryptocurrency scam revenue in 2021, at $2.8 billion.

Latest addition to this to the list

Staking and farming platform Bent Finance has become the latest victim to get hacked this month. Here are the interesting turn of events that took place,

Bent Finance first realized the exploit when the company reported no loss of funds.

2/ – we are investigating the curve LP pools, if you want to be safu, you can withdraw it now. We will update you as soon as we know more, as of now, no funds have been lost.— Bent Finance 🌈🦄 (@BENT_Finance) December 21, 2021

But this was not really the fate. Blockchain investigator PeckShield suspected a potential rug-pull event. The tweet read as:

“We have located the hack tx, which interestingly is sent from the Bent Finance: Deployer Bent Finance !!! What is going on?!”

Now this is where things went south. Bent Finance responded, stating, “Yes, we see the same and are working through it right now.”

Next Steps

Soon after the team appointed two independent white hat developers to get a better understanding of the unfortunate situation.

“There was an exploit from the bent deployer address, it added balance of cvxcrv and mim to an address on an unvierifed update 20 days ago. We just discovered this today. There are multiple members on this team and we will make this right.”

Further advised its pool investors to withdraw the funds until the exploit was thoroughly examined. The company has reiterated the stance to recover all stolen funds from the Bent curve pool:

Again, there is an active exploit on the bent curve pools. We recommend you withdraw from the protocol until further notice. We are not going anywhere and will recover from this one way or another. Thank you for your support— Bent Finance 🌈🦄 (@BENT_Finance) December 21, 2021

Here’s where it got interesting. Crypto fraud investigator and former member of the US Secret Service Joe McGill of TRM Labs shed light on actual loss. As per his claims, the said heist looted 440 Ethereum. I.e. $1.6 million at the time of writing.

The Bent Finance attacker funded one of the primary wallets via @TornadoCash cash deposits on Dec 9th. Attacker has funneled approximately 440 #Ethereum through TC since Dec 12 including todays attack. Stay tuned for more updates from @trmlabs.#cryptocurrency #DeFi #BugBounty https://t.co/WnaGeuNm4q— Joe McGill (@joes_mcgill) December 21, 2021

Overall, it’s been a difficult ride for the crypto platforms. Not so long ago, Grim Finance a Smart Yield Optimizer Platform lost over $30 million.

Source

Subscribe to get our top stories