• no ads
  • no ads

$20M Stolen from DeFi Project Pickle Finance

A hacker has stolen nearly $20 million from DeFi protocol Pickle Finance, according to an official statement on Nov. 22.

  • The hacker had drained 19,759,355 DAI from the pDAI PickleJar (forked versions of Yearn Finance vaults) on Nov. 21 
  • The team conducted a forensic analysis of the exploit, which they labelled as highly complex
  • Shortly after the analysis, the team implemented a fix and provided an abridged version of the exploit’s post-mortem 
  • The attacker created two smart contracts to exploit the swap functions of the PickleJar’s Controller contract, eventually withdrawing DAI from the pDAI PickleJar
  • In short, the attacker exploited several design flaws within the platform’s smart contracts
  • This hack follows several that have occurred in the DeFi space in 2020, which hackers have targeted as has investors have flocked to its high yield programs
  • Harvest Finance recently lost $24 million in hack in the most high-profile case in recent months, and others victims include bZx and Balancer
Related post