Penpie Hacker Launders 26% of $27M Stolen Funds in 12 Hours

September 04, 2024 11:17 PM AEST | By Team Kalkine Media

Google News:

Penpie Hacker Launders 26% of $27M Stolen Funds in 12 Hours — Image source: Shutterstock

Recent News

CBA, JBH, BKW & NST: Aussie Share Market Momentum and Index Presence

Uranium Stocks Rally on ASX Amid Rising Global Demand

Tracking SHL and XRO Stocks on the ASX 200 and the Aussie Share Market

CBA Share Momentum Continues Amid Aussie Share Market Surge

A hacker who stole $27 million from the Penpie protocol on September 3 has laundered approximately $7 million of the stolen funds through the crypto mixer Tornado Cash within just 12 hours. The breach highlights significant security risks in decentralized finance (DeFi) systems.

Web3 security firm Cyvers reported on September 4 that 26% of the stolen funds were funneled through Tornado Cash addresses. Blockchain security firm PeckShield confirmed that the hacker continues to move the stolen funds through multiple transactions.

Following the attack, the {Penpie} (PNP) protocol suspended all deposits and withdrawals. The attack began at 17:45 UTC when the hacker deployed the initial contract used in the breach. Decentralized finance protocol Pendle responded by halting all contracts, effectively preventing further theft and safeguarding $105 million that could have been at risk. Pendle's contracts were safely reactivated at 00:50 UTC on September 4 after thorough checks.

The rise in cyberattacks targeting cryptocurrencies and DeFi platforms is a growing concern. An Immunfi report released on August 29 revealed that over $1.2 billion has been stolen in hacks and exploits in 2024, marking a 15.5% increase from the previous year.

The FBI also issued a warning on September 3 about North Korean cybercriminals targeting DeFi and cryptocurrency firms through sophisticated social engineering tactics. The month of August alone saw significant losses, with security firm PeckShield reporting over $313 million in stolen funds, including $238 million in Bitcoin and $55 million in Dai.

In a separate incident, India's WazirX exchange suffered a major cyberattack in July, resulting in a loss of $234.9 million. The exchange has begun a phased plan to restore operations and is pursuing legal action in Singapore. As of September 3, WazirX has allowed users to withdraw up to 66% of their Indian rupee balances.

These incidents underscore the pressing need for enhanced security measures in the rapidly evolving DeFi space.

Disclaimer

The content, including but not limited to any articles, news, quotes, information, data, text, reports, ratings, opinions, images, photos, graphics, graphs, charts, animations and video (Content) is a service of Kalkine Media Pty Ltd (Kalkine Media, we or us), ACN 629 651 672 and is available for personal and non-commercial use only. The principal purpose of the Content is to educate and inform. The Content does not contain or imply any recommendation or opinion intended to influence your financial decisions and must not be relied upon by you as such. Some of the Content on this website may be sponsored/non-sponsored, as applicable, but is NOT a solicitation or recommendation to buy, sell or hold the stocks of the company(s) or engage in any investment activity under discussion. Kalkine Media is neither licensed nor qualified to provide investment advice through this platform. Users should make their own enquiries about any investments and Kalkine Media strongly suggests the users to seek advice from a financial adviser, stockbroker or other professional (including taxation and legal advice), as necessary. Kalkine Media hereby disclaims any and all the liabilities to any user for any direct, indirect, implied, punitive, special, incidental or other consequential damages arising from any use of the Content on this website, which is provided without warranties. The views expressed in the Content by the guests, if any, are their own and do not necessarily represent the views or opinions of Kalkine Media. Some of the images/music that may be used on this website are copyright to their respective owner(s). Kalkine Media does not claim ownership of any of the pictures displayed/music used on this website unless stated otherwise. The images/music that may be used on this website are taken from various sources on the internet, including paid subscriptions or are believed to be in public domain. We have used reasonable efforts to accredit the source wherever it was indicated as or found to be necessary.