$PICKLE in a pickle as attacker makes off with $20 million in “Evil Jar” exploit


Another attack on a major DeFi (decentralized finance) protocol hit the yield farming project Pickle Finance for $20 million today.

The attack happened about two hours ago, and ETH-savvy Twitter users quickly noticed that Pickle’s cDAI jar (Pickle’s name for a yield-bearing vault) had been emptied:

Unlike other recent attacks, however, this exploit did not involve flash loans, a DeFi tool increasingly put to malicious use that gives would-be exploiters additional liquidity to manipulate on-chain prices. Instead, the attacker swapped funds between a malicious copycat contract and the cDAI jar.

In an interview with Cointelegraph, Emiliano Bonassi – a self-described whitehat hacker and co-founder of DeFi Italy – stated that the attacker created “bad jars”, smart contracts that “have the same interface as traditional jars but do bad things.”

The attacker then swapped funds between his “bad jar” and the real cDAI jar and made off with $20 million in deposits.

Particularly after the attack on Harvest Finance, Pickle Finance seemed well on its way to becoming one of the pre-eminent yield farming protocols. At press time, Pickle’s stats website reported a total value locked of nearly $75 million, while Pickle, the governance token of Pickle Finance, fell 50% on the day to $11.16.

Pickle Finance’s problems are only the latest in a worrying trend across the DeFi space. Victims of exploits in recent weeks include Harvest Finance, Value DeFi, Akropolis, Cheese Bank and Origin Dollar.

However, the weaknesses of one DeFi sector may lead to the success of another. As one Twitter trader said: