All you should know about the $35M exploit that hit VEE Finance
DeFi hacks are growing exponentially by the week. With the risks associated with DeFi yet to be fully plugged in, hackers know how to exploit some of these vulnerabilities very well.
The latest to fall victim to such hackers is Vee Finance. The decentralized finance platform has fallen victim to a $35 million exploit. According to reports, the alleged hacker collected stolen assets on one address after exploiting the VEE Finance trade contract address.
Announcement: Our platform may have been exploited. All services have been paused. We are investigating the cause, please follow our official accounts for latest update.
Thanks!— vee.finance? (@VeeFinance) September 20, 2021
In fact, as per the official blog post, the “VEE Finance team monitored a number of abnormal transfers and after further monitoring, a total of 8804.7 ETH and 213.93 BTC were attacked.” This amounted to more than $35 million, at the time of writing.
Now, the timing of the aforementioned development is especially interesting. Just a few days ago, the platform officially launched its mainnet on Avalanche, alongside a liquidity mining launch. Meanwhile, it also promoted itself in a different post.
In the same, it shed some light on its total value locked hitting $300 million. In addition to this, Vee Finance has also been airdropping tokens and promoting yields of 600% for VEE/AVAX liquidity mining pools.
Needless to say, many in the community were quick to throw the ‘never celebrate too early’ catchphrase at VEE Finance.
Further investigation (Post-Mortem)
In its latest findings, the team released a series of FAQs to address concerns that were being raised post the incident.
For instance, the attack transpired on a pending contract and all assets in the stablecoin sector were not affected. i.e. USDT.e, USDC.e, and DAI.e holdings were safe.
To curb down the losses, however, the protocol halted all of its services to “protect the safety of more users’ assets.”
What’s more, according to the blog, the attacker didn’t transfer the stolen funds. Ergo, the team behind the DeFi protocol is
“…working with contract auditors and exchanges in the industry to locate the attacker and assist in recovering the assets.”
The team is also monitoring and investigating the attack address ‘with code review agencies and trading platforms.’
To conclude the report, the team added,
“The VEE team is taking this incident seriously and will do our best to protect the interests of VEE Finance users. We will complete the investigation and release the incident report as soon as possible, after which we will study the detailed compensation plan based on the incident results.”
VEE Finance isn’t the only platform to face such a fate. For instance, the Binance Smart Chain platform pNetwork was exploited for around $13 million in tokenized Bitcoin. Last week, the Avalanche-based Zabu Finance protocol was hacked for $3.2 million.
As expected, the platform’s native coin VEE token saw a significant price decline as soon as news of the hack broke. In fact, its decline, at press time, amounted to around 38% in 24 hours.