Cyvers in the News

Hacker mints 1B tokens in $16M Curio smart contract exploit

‍Curio said it will conduct a fund compensation program for affected liquidity providers, which could potentially take up to one year to complete.

^{Web3 security firm Cyvers estimated that the losses from the exploit are about $16 million.} The security firm said the exploit involved a “permission access logic vulnerability.”

https://news.bitcoin.com/prisma-finance-suffers-11-6m-hack-in-liquid-staking-shockwave-moves-to-mitigate-fallout/#:~:text=Cyvers,-reported%20the%20intrusion

Prisma Finance Suffers $11.6M Hack in Liquid Staking Shockwave, Moves to Mitigate FalloutOn a recent Thursday, blockchain surveillance and safety squads from Peckshield and Cyvers reported the intrusion into Prisma Finance’s liquid staking mechanism. ^{Cyvers unveiled that their monitoring system identified a “malicious contract” a mere two minutes before the attack was executed.}

Prisma Finance Hacked: $11 Million Gone in DeFi Breach

‍An analyst from Cyvers detailed the attack’s mechanics. They explained to BeInCrypto how the perpetrators funded their operations through FixedFloat before deploying a malicious contract. ^{Cyvers identified this contract two minutes before the initial exploit transaction}, highlighting the attack’s rapid succession and execution.

‍

‍“It is more than $11 million now. It can go $20 million as there is still funds in the contract. We messaged Prisma Finance to pause their contract since it has pause function,” security researchers at Cyvers told BeInCrypto.