By
Godfrey Benjamin
April 25th, 2024
Upbit noted that CRV has experienced increased volatility.
South Korean exchange Upbit has halted trading of the Curve Finance (CRV) token after the project suffered a major exploit over the weekend. According to an Upbit announcement, the exchange temporarily halted CRV deposits and withdrawals to safeguard all transactions and protect users from potential losses.
How the Curve Finance Exploit Happened
Curve Finance, the second-largest DeFi exchange on Ethereum after Uniswap, was hit by a reentrancy bug that exploited a vulnerability in its Vyper programming language. The attack exposed several stablecoin pools on the platform, putting more than $100 million worth of crypto assets at risk. The affected pools include alETH, msETH, and pETH, which are used for pricing and liquidity on various DeFi services.
Upbit said:
“Today, certain vulnerabilities have been discovered in some of the stablecoin pools associated with Curve (CRV). We advise exercising caution when considering any investments related to CRV.”
The Curve team said they are assessing the situation and will update the community as things develop. At the time, all affected pools had been white-hacked. They also assured that other pools are safe and not affected by the exploit.
While Upbit has suspended withdrawals and deposits, other exchanges like Binance, Huobi, and OKEx have yet to suspend trading. However, Huobi said that it’s “monitoring the situation closely.”
CRV Price Falls after Curve Finance Exploit
Following the attack, Upbit noted that CRV has experienced increased volatility. The token price dropped by 12.36 % on July 30 and was $0.61 at the time of writing. The price crash also threatened to trigger a liquidation on the founder of Curve’s $70 million borrowing position on Aave, another DeFi lending platform.
The Curve Finance exploit also threatened to cause wider volatility in the broader cryptocurrency market. Bitcoin and Ether faced slight fluctuations but soon stabilized at $29,450 and $1,870 respectively.
DeFi Attacks
The Curve exploit is the latest in a series of attacks that have plagued the DeFi sector. In April, Hundred Finance lost about $7 million on the Ethereum layer-2 blockchain Optimism. Merlin DEX also lost about $1.8 million from the protocol in April. Also in March, hackers stole $197 million from DeFi protocol Euler Finance.
These incidents highlight the risks and challenges that DeFi users and developers face as they seek to innovate and disrupt the traditional financial system.