Security

Curve Finance awards researcher $250k, Curve DAO (CRV) still in red after hack

In a significant development, Curve Finance, the protocol behind Curve DAO (CRV) cryptocurrency, has recognized the contributions of cybersecurity researcher Marco Croc by awarding him $250,000 for uncovering a critical vulnerability within the protocol.

The researcher, operating under the pseudonym Marco Croc and representing Kupia Security, identified a reentrancy vulnerability in Curve Finance’s decentralized finance (DeFi) protocol.

The identified vulnerability had the potential to facilitate hackers facilitate hackers in pulling out substantial amounts from cryptocurrency protocols. By disclosing the flaw and explaining how it could manipulate balances and withdraw funds from liquidity pools, Croc has contributed significantly to strengthening the security of Curve Finance.

Big thanks for the disclosure! Grieving attacks are not as dangerous (funds would be anyway recoverable, and no profit for attacker) – could have caused serious panic if happened.

This is an example of a very professional work

— Curve Finance (@CurveFinance) April 30, 2024

Curve DAO (CRV) still reeling from recent hack

Despite the positive development of rewarding Croc for his discovery, Curve DAO Token (CRV) still finds itself facing challenges amidst a broader market downturn.

The CRV has experienced a significant decline in value over the past month, dropping by a staggering 39.33%. Furthermore, the token’s market capitalization has also taken a hit, plummeting by 2.05% in the last 24 hours alone.

CRV/USDT price chart

While this downward trajectory is reflective of the overall market instability witnessed across various digital assets, CRV’s struggles follow a series of adverse events, including a recent hack that impacted Curve Finance.

Curve Finance recovery efforts

In light of the 2023 hack that shook Curve Finance, efforts are underway to facilitate recovery and address the aftermath of the incident.

The protocol recently managed to recover from a $62 million hack, with a focus on reimbursing affected liquidity providers. Besides the recovery and reimbursement efforts, the protocol has also issued a $1.85M public bounty for unmasking DeFi exploiter.

On-chain data confirms that a significant majority of token holders have approved the disbursement of tokens amounting to over $49.2 million. These funds are intended to cover losses incurred by various pools, including Curve, JPEG’d (JPEG), Alchemix (ALCX), and Metronome (MET).

Just wanted to emphasize the scale of this. Victims are made whole with this vote with:
– $7.2M worth of ETH recovered by whitehats to the DAO being distributed
– $42M worth of CRV compensating unrecovered parts (vested)
– Other whitehat-recovered funds distributed before vote https://t.co/qmcK9pmTe5

— Curve Finance (@CurveFinance) December 22, 2023

It is yet to be seen whether the reimbursement effort will boost CRV’s sentiment and save it from the current decline.

The post Curve Finance awards researcher $250k, Curve DAO (CRV) still in red after hack appeared first on Invezz

Source

Click to rate this post!
[Total: 0 Average: 0]
Show More

Leave a Reply

Your email address will not be published. Required fields are marked *